Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

PayLock Escrow

v1.0.0

Non-custodial SOL escrow for AI agent deals. Create contracts, lock funds, verify delivery, release payments. Use when: (1) creating escrow contracts between...

Author: Oleksii Kaganovsky (@kgnvsk)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The declared purpose (non-custodial SOL escrow, marketplace, trust scores) matches the provided API endpoints and examples. It is plausible that an instruction-only skill would not need local binaries or env vars. However, an escrow/payment integration would normally document how on-chain payments are authorized or how release actions are authenticated; the SKILL.md provides no signing, wallet-key handling, or auth tokens, which is unexpected for a payments API.
Instruction Scope
All runtime examples are plain curl calls to paylock.xyz with no authentication headers, signatures, or proof-of-authority shown for sensitive actions (verify, release). The SKILL.md also contains an explicit rule: "We are ALWAYS the payee. NEVER the payer." Combined, these instructions could encourage an agent to create contracts that route client funds to agent-controlled addresses without showing how that is securely authorized or audited. The instructions also reference submitting URLs and hashes as delivery proof (reasonable), but do not constrain or authenticate who can call /release or who may modify contract state.
Install Mechanism
Instruction-only skill with no install spec or code files — lowest risk from install. Nothing is written to disk by the skill itself.
Credentials
The skill requests no environment variables or credentials, which is consistent with an API that uses client-side on-chain deposits. However, for an escrow service that releases funds to wallets, you would typically expect instructions about wallet keys, signing transactions, or API keys for authenticated release operations. The absence of any credential guidance is unexpected and unexplained.
Persistence & Privilege
The skill is not always-enabled and has no special persistence or privilege flags. It does not request modifications to other skills or system settings.
What to consider before installing
Before installing or using this skill, verify the paylock.xyz service and its security model: ask for public documentation showing how deposit addresses, release actions, and dispute resolution are authenticated (on-chain signatures, multisig, or API tokens). Do not let an agent create contracts that send funds to an agent-controlled wallet without explicit, verifiable on-chain proof and human review. Test with very small amounts first. Be wary of the rule "We are ALWAYS the payee" — that biases behavior toward routing client funds to the agent; confirm this behavior is intentional and auditable. If you need to use escrow, insist on authenticated release flows (signed transactions or platform-issued tokens) and verify the operator identity of paylock.xyz before trusting real funds.


Version tag: latest · vk9773n0atz6hpr3jc8kxrksbts83p22s
