CreditClaw - Give your Claw Agent a credit card - spend anywhere

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed payment and shopping integration with real spending authority, so users need strict limits, but the reviewed artifacts do not show hidden or deceptive behavior.

Install only if you intend to give an agent controlled financial authority. Start with approval required for every purchase, keep thresholds low, use allowlists and blocked categories, monitor transactions, protect CREDITCLAW_API_KEY like a credit card, and review any remote guide files fetched from creditclaw.com before letting the agent use them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Description-Behavior Mismatch

Severity: Medium
Confidence: 92%
Finding:
The skill description frames the capability as owner-approved shopping, but the documented payment-link feature allows the agent to charge arbitrary third parties. That materially expands the financial behavior and trust boundary of the skill beyond the manifest, which can mislead operators and enable unexpected monetization or fraud workflows.

Description-Behavior Mismatch

Severity: Medium
Confidence: 91%
Finding:
The manifest presents this as a shopping/credit-card skill, but it also exposes x402 signing and agent-to-agent payment functionality. Hidden signing/payment capabilities increase the chance that an integrator enables blockchain or inter-agent transfers without understanding the added risk, compliance, and asset-movement implications.

Description-Behavior Mismatch

Severity: Medium
Confidence: 96%
Finding:
The API reference exposes a 'Sub-Agent Card' rail that is not described elsewhere in the skill, indicating undocumented financial capabilities. Undocumented payment rails are especially risky because reviewers and users cannot assess scope, constraints, or abuse paths, which can lead to unintended delegated spending authority.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding:
The documentation enables spending on an owner's card and mentions auto-approval, but it does not foreground the security consequence that purchases under the allowance threshold can complete without a per-transaction human confirmation. In an agent skill that is explicitly designed to let an agent shop online, this missing warning increases the chance of unsafe autonomous purchases or operator misunderstanding.

Autonomous Decision Making

Severity: Medium
Category: Excessive Agency
Content:
**You must follow these rules:**
- If `approval_mode` is `ask_for_everything`, ask your human before any purchase to get their approval. **New accounts default to this mode.** Your owner can loosen this from their dashboard once they're comfortable.
- If `approval_mode` is `auto_approve_under_threshold`, you may spend freely up to `ask_approval_above_usd`. Anything above that requires owner approval.
- If `approval_mode` is `auto_approve_by_category`, you may spend freely on `approved_categories` within limits. All others require approval.
- **Never** spend on `blocked_categories`. These are hard blocks enforced server-side and will be declined.
- Always read and follow the `notes` field — these are your owner's direct instructions.
Confidence: 88%
Finding: auto_approve

Autonomous Decision Making

Severity: Medium
Category: Excessive Agency
Content:
**You must follow these rules:**
- If `approval_mode` is `ask_for_everything`, ask your human before any purchase to get their approval. **New accounts default to this mode.** Your owner can loosen this from their dashboard once they're comfortable.
- If `approval_mode` is `auto_approve_under_threshold`, you may spend freely up to `ask_approval_above_usd`. Anything above that requires owner approval.
- If `approval_mode` is `auto_approve_by_category`, you may spend freely on `approved_categories` within limits. All others require approval.
- **Never** spend on `blocked_categories`. These are hard blocks enforced server-side and will be declined.
- Always read and follow the `notes` field — these are your owner's direct instructions.
- Cache this for up to 30 minutes. Do not fetch before every micro-purchase.
Confidence: 88%
Finding: auto_approve

VirusTotal

66/66 vendors flagged this skill as clean.
