Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using it.

JPMorgan Claw - Give your Claw Agent spending powers

v1.0.17

Get your banking going - Financial enablement & accounting platform for Bots, Agents, and OpenClaw. Multiple methods for enabling and managing agentic spendi...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill claims to enable agent spending, and the API endpoints and flows in SKILL.md match that purpose. However, the public-facing name in the registry (which mentions 'JPMorgan') does not match the implementation and homepage (creditclaw.com). That mismatch is misleading and worth verifying with the publisher.
Instruction Scope
SKILL.md and HEARTBEAT.md instruct the agent to register, obtain an API key, poll balance/permissions, and make spending/top-up requests to creditclaw.com, all of which is expected for a payments integrator. But the instructions also tell the agent to download remote SKILL.md/heartbeat.md via curl into ~/.creditclaw (writing files to disk) and assume an environment variable ($CREDITCLAW_API_KEY). The registry metadata did not list any required env vars, so the runtime instructions read a credential the listing never declared: an inconsistency, and a potential surprise for users.
Install Mechanism
There is no formal install spec embedded in the registry, but SKILL.md provides shell curl commands that download files from https://creditclaw.com into the user's home directory. Downloading vendor-provided documentation is common, but any download-from-URL install step adds risk when you do not trust the domain or cannot check integrity, and here no checksums or signed releases are provided, so a substituted or tampered download would go unnoticed.
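One way to take the curl-into-home-directory step without running it blind, as an added example that is not the skill's own install flow: fetch the file to a staging location, compare its SHA-256 against a digest you pinned after reading an inspected copy (the publisher ships no checksums, so the pin is your own record), and only then place it under ~/.creditclaw with an atomic rename. The URL, paths and sample bytes are constructed for the example.

```python
"""Stage a remote skill file under a pinned SHA-256 before placing it in
~/.creditclaw, instead of running the curl line as-is. Added example, not the
skill's own install flow; the pinned digest is assumed to have been recorded
from a copy you inspected, since no checksums or signatures are published."""
import hashlib
import hmac
import os
import tempfile
import urllib.request
from pathlib import Path


def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()


def verify_pinned(data, expected_sha256):
    """True when the staged bytes match the pinned digest (constant-time compare)."""
    return hmac.compare_digest(sha256_hex(data), expected_sha256.lower())


def stage_and_install(fetch, expected_sha256, dest):
    """fetch() returns the downloaded bytes. They are checked before anything
    under dest's directory is touched, then written via a temp file and an
    atomic rename, so a mismatch never leaves a partial or tampered copy."""
    data = fetch()
    if not verify_pinned(data, expected_sha256):
        raise ValueError(
            f"digest mismatch: got {sha256_hex(data)}, pinned {expected_sha256}")
    dest = Path(dest)
    dest.parent.mkdir(parents=True, exist_ok=True)
    fd, tmp = tempfile.mkstemp(dir=dest.parent)  # created mode 0600
    with os.fdopen(fd, "wb") as f:
        f.write(data)
    os.replace(tmp, dest)  # atomic within one directory
    return dest


def http_fetcher(url):
    """Real fetcher for interactive use (URL supplied by the caller); the
    offline demo below does not exercise it."""
    def fetch():
        with urllib.request.urlopen(url, timeout=30) as resp:
            return resp.read()
    return fetch


def demo():
    """Offline run: constructed bytes stand in for a downloaded SKILL.md."""
    good = b"# SKILL.md (constructed sample)\nregister, then poll balance\n"
    pin = sha256_hex(good)
    out = {}
    with tempfile.TemporaryDirectory() as d:
        dest = Path(d) / ".creditclaw" / "SKILL.md"
        stage_and_install(lambda: good, pin, dest)
        out["installed"] = dest.read_bytes() == good
        try:
            stage_and_install(lambda: good + b"# appended by attacker\n", pin, dest)
            out["tamper_rejected"] = False
        except ValueError:
            out["tamper_rejected"] = True
        out["dest_unchanged"] = dest.read_bytes() == good
    return out


if __name__ == "__main__":
    print(demo())
    # Real use (hypothetical values):
    # stage_and_install(http_fetcher(url), pinned_digest,
    #                   Path.home() / ".creditclaw" / "SKILL.md")
```

The pin only detects that the file changed since you inspected it; it does not make the content trustworthy, so the first copy still has to be read before its digest is recorded.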
Credentials
The skill requires a sensitive credential (CREDITCLAW_API_KEY) to operate, which is appropriate for a payments/spending integration. However, the registry metadata did not declare any required environment variables, although SKILL.md and skill.json do. That mismatch is a red flag: the platform may not surface the credential requirement at install time, and users could hand an API key to an agent without a clear prompt.
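The declared-versus-used mismatch called out in the Instruction Scope and Credentials findings is mechanically checkable. The following is an added example, not part of the skill or of ClawHub: it scans the runtime files for environment-variable references, reads the manifest's env list, and reports anything the registry listing did not declare. The skill.json "env" key layout, the sample SKILL.md text and the placeholder URL are constructed assumptions.

```python
"""Flag env vars a skill's runtime files read that the registry listing never
declared. Added example, not part of the skill; the skill.json "env" key layout
and the sample texts are constructed assumptions."""
import json
import re

# $NAME, ${NAME}, os.environ["NAME"], os.getenv("NAME"), process.env.NAME
_ENV_REF = re.compile(
    r"\$\{?([A-Z][A-Z0-9_]+)\}?"
    r"|os\.(?:environ\[|getenv\()\s*['\"]([A-Z][A-Z0-9_]+)['\"]"
    r"|process\.env\.([A-Z][A-Z0-9_]+)"
)
# Ordinary shell variables an install snippet may use; not credentials.
_SHELL_VARS = {"HOME", "PATH", "USER", "SHELL", "PWD", "TMPDIR"}


def env_refs_in_text(text):
    """Env var names referenced in free text such as SKILL.md or HEARTBEAT.md."""
    names = {g for m in _ENV_REF.finditer(text) for g in m.groups() if g}
    return names - _SHELL_VARS


def env_refs_in_manifest(manifest):
    """Env vars a skill.json-style manifest lists under "env" (dict or list;
    the key name is an assumption about the manifest format)."""
    return set(manifest.get("env", []))


def undeclared_env_vars(registry_declared, skill_md, manifest):
    """Vars the runtime files use that the registry listing did not surface."""
    used = env_refs_in_text(skill_md) | env_refs_in_manifest(manifest)
    return used - set(registry_declared)


# Constructed sample inputs standing in for the real files.
SKILL_MD = """## Auth (constructed sample)
curl -fsS -H "Authorization: Bearer $CREDITCLAW_API_KEY" https://example.invalid/balance
Optional: set ${CREDITCLAW_BASE_URL} to target a staging host.
mkdir -p $HOME/.creditclaw
"""
SKILL_JSON = json.loads(
    '{"name": "creditclaw", "env": {"CREDITCLAW_API_KEY": "API key"}}')
REGISTRY_DECLARED = []  # the listing in this report declared no env vars

if __name__ == "__main__":
    for name in sorted(undeclared_env_vars(REGISTRY_DECLARED, SKILL_MD, SKILL_JSON)):
        print("undeclared:", name)
```

Run against the constructed inputs it reports CREDITCLAW_API_KEY (used by both files) and CREDITCLAW_BASE_URL (referenced only in the text), while $HOME is ignored as an ordinary shell variable; the same check dropped into a registry's publish step would have caught the listing before it shipped.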
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges. It does instruct periodic polling of the provider (heartbeat every ~30 minutes), which is normal for a wallet integration and is limited to actions within the skill's domain.
What to consider before installing
This skill is a payments/spending integration and can therefore cause real financial transactions. Only install it if you fully trust the provider. Before installing:
(1) verify the publisher and domain (creditclaw.com), and find out why the registry name references 'JPMorgan' (possible mislabeling or a marketing copy error);
(2) confirm the developer identity and the TLS certificate for creditclaw.com;
(3) do not give an agent a real or high-value API key until you have verified the owner controls (test with minimal funds);
(4) ask the publisher to fix the registry metadata so that required env vars (CREDITCLAW_API_KEY) are declared;
(5) avoid blindly running the curl install lines; inspect downloaded files before writing or executing them;
(6) ensure human-approval/owner-dashboard controls are in place and tested so the agent cannot spend funds without the expected oversight.
If the publisher corrects the metadata and you independently verify the service and its ownership, the skill would be more coherent; until then, treat it cautiously.
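Items (3) and (6) describe controls that should sit on the owner's side, between the agent's request and the payment call, rather than relying on the agent to behave. As an added example that is not the skill's API or code, the gate below enforces a hard per-transaction cap and a rolling 24-hour cap that no approval can lift, and escalates anything above a threshold to a human owner; the policy fields, merchant allowlist and cent amounts are hypothetical and sized for a minimal-funds trial.

```python
"""Owner-side policy gate between an agent's spend request and the payment
call. Added example; the policy fields, merchant allowlist and amounts are
hypothetical and not the skill's API. Amounts are integer cents."""
from dataclasses import dataclass, field
from datetime import datetime, timedelta


@dataclass
class SpendPolicy:
    per_tx_limit: int          # hard cap on any single spend; approval cannot override
    daily_limit: int           # hard cap on a rolling 24h window
    approval_threshold: int    # above this a human owner must approve the spend
    allowed_merchants: frozenset


@dataclass
class SpendGate:
    policy: SpendPolicy
    ledger: list = field(default_factory=list)  # (timestamp, cents) of allowed spends

    def spent_last_24h(self, now):
        return sum(c for t, c in self.ledger if now - t < timedelta(hours=24))

    def decide(self, merchant, amount_cents, now, owner_approved=False):
        """Return 'allow', 'deny' or 'needs_approval'. Hard limits are checked
        first and fail closed; approval only lifts the threshold, never a cap."""
        if amount_cents <= 0 or merchant not in self.policy.allowed_merchants:
            return "deny"
        if amount_cents > self.policy.per_tx_limit:
            return "deny"
        if self.spent_last_24h(now) + amount_cents > self.policy.daily_limit:
            return "deny"
        if amount_cents > self.policy.approval_threshold and not owner_approved:
            return "needs_approval"
        self.ledger.append((now, amount_cents))
        return "allow"


def demo():
    """Constructed scenario: a low-funded trial policy, as item (3) suggests."""
    policy = SpendPolicy(per_tx_limit=10_000, daily_limit=15_000,
                         approval_threshold=2_000,
                         allowed_merchants=frozenset({"vendor-a"}))
    gate = SpendGate(policy)
    t0 = datetime(2025, 1, 1, 12, 0)
    return [
        gate.decide("vendor-a", 500, t0),                          # small, allowed
        gate.decide("vendor-b", 500, t0),                          # merchant not allowlisted
        gate.decide("vendor-a", 5_000, t0),                        # over threshold, no approval
        gate.decide("vendor-a", 5_000, t0, owner_approved=True),   # approved, total now 5_500
        gate.decide("vendor-a", 10_000, t0, owner_approved=True),  # 15_500 would breach daily cap
        gate.decide("vendor-a", 9_000, t0 + timedelta(hours=25),   # window rolled over
                    owner_approved=True),
    ]


if __name__ == "__main__":
    for decision in demo():
        print(decision)
```

The order of checks is the point: the allowlist and both caps are evaluated before the approval question, so an owner clicking "approve" in a dashboard can never push the agent past the funding you decided to risk.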

Like a lobster shell, security has layers — review code before you run it.

Tags: bank, buy, jpmorgan, latest, shop, spend
