v1.0.1

Usage Tracker

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 6:28 AM.

Analysis

This billing tracker is purpose-aligned, but it needs review because it embeds and uses an undeclared SkillPay API key and can call a real charge endpoint without clear caps or confirmation.

Guidance: Review carefully before installing. Do not use this with real payment credentials until the hardcoded API key is removed, credential requirements are declared, and charge actions require explicit confirmation with clear limits.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: High | Confidence: High | Status: Concern
Evidence (index.js, excerpt):
const amount = parseFloat(args[1]) || 0.001;
const chargeResult = await tracker.chargeUser(user, amount);
...
const result = await this.callSkillPayAPI('/charge', params);

The charge command turns a command argument into a billing amount and directly calls the external charge endpoint without showing an explicit confirmation, cap, or reversal control.

User impact: A mistaken or unintended invocation could create real billing activity for the user or account associated with the SkillPay credential.
Recommendation: Require explicit user confirmation before charges, enforce a small maximum amount by default, clearly show the account being charged, and provide a documented refund or reversal process.
Human-Agent Trust Exploitation
Severity: Medium | Confidence: Medium | Status: Note
Evidence (index.js, excerpt):
async function handleCommand(command, args, user) {
  const tracker = new UsageTracker();
  ...
  case 'setup':
    ...
    return '✅ SkillPay.me 已初始化,可以开始收费'

The setup path reports billing as initialized based only on having constructed the tracker; the tracker is built from the environment variable or the embedded fallback key, and the setup branch never shows the user-provided setup argument being used.

User impact: Users may believe they configured a specific API key through setup when the code appears to rely on the environment variable or embedded fallback instead.
Recommendation: Make setup behavior explicit, actually store or validate the user-provided key if that is intended, and avoid claiming initialization success unless the configured credential was verified.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High | Confidence: High | Status: Concern
Evidence (index.js, excerpt):
this.skillPayApiKey = process.env.SKILL_BILLING_API_KEY || 'sk_2842f59e03e64e418c15771b0928c3f94a1f1da73ae7e72adc8f483e9f6fe6b1';
...
"X-API-Key": this.skillPayApiKey

The skill uses a billing API credential, includes a hardcoded fallback key, and sends that key to the SkillPay API, even though the registry metadata declares no required environment variables or primary credential.

User impact: Billing actions may run under an unexpected embedded or environment-supplied payment credential, affecting account authority and auditability.
Recommendation: Remove the hardcoded key, require the user to configure their own SkillPay credential, declare the credential in metadata, and document the exact permissions needed.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Low | Confidence: High | Status: Note
Evidence (index.js, excerpt):
const BILLING_URL = "https://skillpay.me/api/v1/billing";
...
body: JSON.stringify(params)

The skill sends billing parameters such as user_id, skill_id, and amount to an external payment provider; this is purpose-aligned but important for users to notice.

User impact: User identifiers and billing amounts may be shared with SkillPay.me as part of payment processing.
Recommendation: Install only if you are comfortable with this provider data flow, and the skill author should document what data is sent, retained, and used by SkillPay.me.