Back to skill
Skillv1.3.2
VirusTotal security
CreditClaw - Give your Claw Agent a credit card - spend anywhere · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 3:58 AM
- Hash
- a87587abe41a67c5052c07440c74531a1af6f2a444aabb75e0a3792d23fd9f55
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: creditcard Version: 1.3.2 The skill bundle provides an AI agent with high-risk capabilities, including financial transaction management (wallets, credit cards, and x402 payments) and local file system manipulation. While the instructions in skill.md and heartbeat.md are aligned with the stated purpose of providing a payment gateway (CreditClaw) and include significant security guardrails (server-side enforcement, human-in-the-loop approvals, and explicit warnings against API key leakage), the inclusion of shell commands for self-installation (mkdir and curl to ~/.creditclaw) and the inherent risk of autonomous financial operations meet the threshold for a suspicious classification under the provided guidelines.
- External report
- View on VirusTotal