Stripe Agent Wallet | Use Stripe top-up your agentic wallet - Private Beta
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This instruction-only skill coherently supports CreditClaw/Stripe wallet shopping, but it intentionally gives an agent financial spending and checkout authority that users must tightly control.
Install only if you intentionally want an agent to have CreditClaw wallet and checkout authority. Before use, confirm the owner dashboard approval mode, per-transaction and daily limits, webhook settings, and where the API key is stored. Treat this as a real payment capability, not a general shopping helper.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
64/64 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone or any agent that obtains the key may be able to perform wallet operations subject to CreditClaw guardrails.
The skill explicitly treats CREDITCLAW_API_KEY as the agent's financial identity and spending authority. This is expected for the wallet purpose, but it is a high-impact delegated credential.
"leaking it means someone else can spend your owner's money"
Use a dedicated, low-limit wallet/API key, verify approval mode and spending caps before use, and never expose the key outside requests to creditclaw.com.
If misconfigured or used carelessly, the agent could submit purchases or payment forms the user did not intend.
The guide instructs the agent to use browser and API actions that can complete real purchases. This is central to the stated checkout purpose and includes approval/confirmation steps, but it is financially consequential.
"Decrypt card details ... Navigate to the merchant checkout page ... Fill shipping/billing, then card fields ... Submit and capture confirmation"
Require explicit human confirmation for purchases, review merchant and amount before submission, keep low spending limits, and preserve the documented hard stops for CAPTCHA, 3DS, and OTP.
Payment workflows may depend on remote instructions that the user has not reviewed in advance.
The skill can fetch and follow remote CreditClaw-provided vendor instructions that are not included in the reviewed artifact set. This is purpose-aligned merchant routing, but it expands runtime trust to provider-supplied Markdown.
"If a vendor skill exists → use it" and "Returns the vendor's complete checkout instructions as Markdown."
Inspect fetched vendor instructions before payment, and do not let remote instructions override user approval, spending limits, or credential-handling rules.
The agent may continue checking wallet state or messages outside a single purchase task if the user configures it that way.
The document asks for recurring polling of messages, status, and spending permissions. No background code is included, but the instructions could lead to ongoing agent activity if enabled.
"Run this routine periodically" with checks "Every 30 Minutes", "Every 8 Hours", and "Every 24 Hours"
Only enable periodic polling when you want it, define a stop condition, and avoid unattended background activity unless it is part of your wallet-management plan.
A poorly secured callback endpoint could expose sensitive financial events or let forged events influence the agent.
Sensitive wallet and card-delivery events can flow through a webhook endpoint. The guide makes webhooks optional and includes signature verification, so this is a disclosed integration risk rather than hidden behavior.
"callback_url" is used for "approval results, card delivery signals, and spending alerts" and webhooks must verify the "X-CreditClaw-Signature"
Use only an HTTPS endpoint you control, store the webhook secret securely, verify every signature, and do not log secrets or card payloads.