Privacy Cards
Warn
Audited by ClawScan on May 10, 2026.
Overview
This skill appears purpose-aligned, but it can control Privacy.com payment cards and view sensitive financial data using an API key, so it needs careful review before use.
Install only if you intend to let the agent work with your Privacy.com account. Use sandbox or least-privileged API access when possible, require confirmation before card creation/closure or limit changes, and avoid exposing full card numbers, CVVs, or transaction details in shared chats or logs.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked incorrectly, the agent could create cards, alter spending controls, or permanently close a virtual card on the user's Privacy.com account.
The skill documents direct API commands that can permanently change a payment card's state, with no explicit confirmation, sandbox default, or rollback guidance.
### Close a card (permanent)
```bash
curl -s -X PATCH "https://api.privacy.com/v1/cards/{card_token}" ... -d '{"state": "CLOSED"}' | jq
```
Require explicit user confirmation for create, close, pause, and spend-limit changes; default to sandbox where possible; and limit each action to a user-specified card token and amount.
Providing the API key may let the agent access card records, transactions, and account-level card controls beyond a single narrow task.
The skill requires a Privacy.com API key that can access and mutate payment-card resources, while the registry metadata declares no primary credential or required env var.
export PRIVACY_API_KEY="your-api-key" ... All requests: `Authorization: api-key $PRIVACY_API_KEY`
Declare the credential requirement clearly, use the least-privileged API access available, prefer sandbox/testing keys, and avoid giving the agent broader account access than needed.
Full card numbers, CVVs, expiry dates, and transaction details are sensitive financial data and could be exposed if copied into shared logs or conversations.
The documented API response can include full payment card details, which may enter tool output, chat context, logs, or transcripts if the agent retrieves them.
"pan": "4111111111111234", "cvv": "123", "exp_month": "12", "exp_year": "2027"
Only request full card details when necessary, redact PAN/CVV in outputs by default, and avoid storing or sharing transcripts that contain payment-card data.
