Payment Gateway Toolkit

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed payment-integration skill for Stripe and Alipay, with financial risk that users must manage but no hidden or unrelated behavior found.

Install only if you intend to connect an agent or application to Stripe or Alipay. Use sandbox/test credentials first, keep API keys and private keys in environment variables or a secrets manager, avoid committing keys, review refund and order-creation paths before production use, verify webhooks, and make sure your privacy/PCI/compliance obligations are covered.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 93%
Finding: The skill clearly describes and demonstrates network-backed payment operations to Stripe and Alipay, but the manifest does not declare corresponding permissions or safety-relevant capabilities. This weakens transparency and reviewability, increasing the chance that users invoke external payment actions or transmit payment-related data without adequate informed consent or sandbox policy enforcement.

Missing User Warnings

Medium
Confidence: 87%
Finding: The README advertises live-payment capabilities including order creation, refunds, and webhook handling but does not warn users about the risks of operating on real payment systems, handling financial side effects, or protecting payment credentials. In a payment-processing skill, omission of safety guidance can lead to accidental live charges, improper refunds, and insecure deployment practices, especially when users copy examples directly.

Missing User Warnings

Medium
Confidence: 95%
Finding: The quick-start example shows direct insertion of a Stripe secret key and Alipay private-key material in code without any warning about secure secret handling. For a payment skill, this strongly encourages unsafe copy-paste patterns such as hardcoding credentials in source files, which can lead to credential leakage, account compromise, fraudulent transactions, and unauthorized refunds if the code is committed or exposed.

Missing User Warnings

Medium
Confidence: 95%
Finding: The English quick-start repeats credential setup for payment APIs and private keys without any security warning, reinforcing an unsafe implementation pattern across the documentation. Because this skill operates in a financial context, misuse of these examples can expose highly sensitive credentials and enable real monetary abuse, making the omission more dangerous than in non-financial tooling.

Missing User Warnings

Medium
Confidence: 90%
Finding: The overview describes order creation, refunds, status queries, and async callback handling, but does not warn that these actions can trigger real financial operations or expose customer/payment metadata to external processors. In a payment skill, omission of operational and privacy warnings is risky because users may treat examples as safe to run in production-like environments.

Missing User Warnings

Medium
Confidence: 95%
Finding: The quick-start includes direct use of API keys and payment-creation calls without any warning about secret handling, least-privilege credential storage, or the possibility of real transactions. This is more dangerous in context because users may copy-paste the snippet with live credentials, leading to accidental charges, refunds, or key leakage through source control and logs.

Missing User Warnings

Medium
Confidence: 88%
Finding: The English overview repeats payment, refund, webhook, and tracking capabilities but omits privacy, security, and real-world financial impact warnings. Because this is a payment-processing skill, the absence of those cautions makes misuse more likely and reduces informed consent for handling externally transmitted payment data.

VirusTotal

64/64 vendors flagged this skill as clean.
