Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Alby Lightning Payments

v1.1.2

Send, receive, and manage Bitcoin Lightning payments through Alby Hub's Nostr Wallet Connect, including balance checks and invoice handling.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Pending
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's functionality (sending and paying Lightning invoices via an Alby NWC URL) is coherent with its name and description, and the code expects a single env var, ALBY_NWC_URL, which is necessary for that functionality. However, the registry metadata lists no required env vars and no primary credential, which is incorrect and misleading. That mismatch (code and SKILL.md requiring ALBY_NWC_URL while the registry declares none) is material: users could provide the credential in the wrong place or miss how sensitive the NWC URL is.
Instruction Scope
SKILL.md is fairly narrow: it instructs installing @getalby/sdk and setting ALBY_NWC_URL in openclaw.json, and the send_sats.mjs and pay_bolt11.mjs scripts implement SSRF protections, amount checks and timeouts, and avoid logging secrets. However, scripts/wallet.js performs a balance check, a hardcoded payInvoice call, a payment to a Lightning address and an invoice creation at load time (on import), and package.json defines "test": "node scripts/wallet.js". Running npm test, or any automated test hook, could therefore execute payment actions unexpectedly. SKILL.md does not warn that the included test script performs network and payment actions.
Install Mechanism
No install spec is declared in the registry (instruction-only), yet package.json has a runtime dependency on @getalby/sdk and SKILL.md instructs users to run npm install @getalby/sdk. This is a moderate risk (npm package download/execution) but not unusual for Node skills. The inconsistency between 'no install spec' in metadata and explicit npm-based install instructions should be fixed or made explicit to users.
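The three mismatches above (undeclared env var, a test script that executes a file from the package, and runtime dependencies with no install spec) can be checked mechanically before anything is installed. The following is an added example written for this page, not code from the skill or from ClawHub; the registry field names (requiredEnv, primaryCredential, install) and the sample files are assumptions constructed to mirror the scan, and the audit runs offline on them.

```javascript
// Added example (not code from the skill or from ClawHub): an offline pre-install
// audit that checks the three mismatches this scan reports for a Node skill:
//   1. env vars the code reads (process.env.X) that the registry does not declare,
//   2. package.json scripts that execute a file shipped in the package
//      (e.g. "test": "node scripts/wallet.js"),
//   3. runtime dependencies present although the registry declares no install spec.
// The registry field names (requiredEnv, primaryCredential, install) are assumptions
// for illustration; the sample files below are constructed, not the skill's sources.

const ENV_READ_RE =
  /process\.env(?:\.([A-Za-z_]\w*)|\[\s*["']([A-Za-z_]\w*)["']\s*\])/g;

// Every environment variable name a source file reads, via either
// process.env.NAME or process.env["NAME"].
function envVarsReadBy(source) {
  const names = new Set();
  for (const m of source.matchAll(ENV_READ_RE)) names.add(m[1] ?? m[2]);
  return names;
}

// Scripts npm runs without a deliberate "npm run <name>": install hooks and test.
const HOOK_SCRIPTS = new Set([
  "preinstall", "install", "postinstall", "prepare", "prepack", "postpack",
  "pretest", "test", "posttest",
]);

// A whitespace-separated command token that is a relative path into the package.
const LOCAL_PATH_RE = /^(\.\.?\/)?[\w.-]+(\/[\w.-]+)+$/;

function scriptsRunningPackageFiles(pkg) {
  const hits = [];
  for (const [name, cmd] of Object.entries(pkg.scripts ?? {})) {
    const file = cmd.split(/\s+/).find((tok) => LOCAL_PATH_RE.test(tok));
    if (file) hits.push({ script: name, file, hook: HOOK_SCRIPTS.has(name) });
  }
  return hits;
}

// Returns a list of {kind, detail} findings; an empty list means metadata and code agree.
function auditSkill({ registry, pkg, sources }) {
  const findings = [];

  const declared = new Set(registry.requiredEnv ?? []);
  const used = new Set();
  for (const src of Object.values(sources)) {
    for (const v of envVarsReadBy(src)) used.add(v);
  }
  for (const v of used) {
    if (!declared.has(v)) findings.push({ kind: "undeclared_env", detail: v });
  }
  if (registry.primaryCredential && !used.has(registry.primaryCredential)) {
    findings.push({ kind: "unused_primary_credential", detail: registry.primaryCredential });
  }

  for (const h of scriptsRunningPackageFiles(pkg)) {
    findings.push({
      kind: h.hook ? "hook_script_runs_package_file" : "script_runs_package_file",
      detail: `${h.script}: ${h.file}`,
    });
  }

  const deps = Object.keys(pkg.dependencies ?? {});
  if (!registry.install && deps.length > 0) {
    findings.push({ kind: "deps_without_install_spec", detail: deps.join(", ") });
  }
  return findings;
}

// Constructed sample mirroring the scan: nothing declared in the registry, while the
// code reads ALBY_NWC_URL and "npm test" runs scripts/wallet.js.
const SAMPLE_SKILL = {
  registry: { requiredEnv: [], primaryCredential: null, install: null },
  pkg: {
    dependencies: { "@getalby/sdk": "*" }, // version placeholder; the page states none
    scripts: { test: "node scripts/wallet.js" },
  },
  sources: {
    "send_sats.mjs": 'const nwcUrl = process.env.ALBY_NWC_URL;\nif (!nwcUrl) process.exit(1);',
    "scripts/wallet.js": 'const nwcUrl = process.env["ALBY_NWC_URL"];',
  },
};

// The same code with corrected metadata and the auto-running test script removed.
const FIXED_SKILL = {
  registry: {
    requiredEnv: ["ALBY_NWC_URL"],
    primaryCredential: "ALBY_NWC_URL",
    install: { npm: ["@getalby/sdk"] },
  },
  pkg: { dependencies: { "@getalby/sdk": "*" }, scripts: {} },
  sources: SAMPLE_SKILL.sources,
};

for (const f of auditSkill(SAMPLE_SKILL)) console.log(f.kind, f.detail);
```

Run it against a real skill by loading the registry entry, package.json and the script sources into the same shape; any `hook_script_runs_package_file` finding means an npm lifecycle command would execute package code, which for this skill is the wallet.js that performs payments.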
Credentials
The only secret the code needs is ALBY_NWC_URL (the Nostr Wallet Connect URL, which contains a private key), which is proportionate to the stated payment functionality. However, the registry neither declares this required env var nor marks a primary credential, which is misleading and increases the risk that users misconfigure where they store the secret. SKILL.md appropriately warns about the sensitivity of the NWC URL.
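Because the NWC URL carries spending capability, code that consumes ALBY_NWC_URL should validate it before any SDK call, never write it to a log unredacted, and bound every amount it is about to pay. The following is an added example written for this page, not the skill's own code: the URI shape (nostr+walletconnect://<wallet-pubkey-hex>?relay=<wss-url>&secret=<32-byte-hex>) is taken from NIP-47 and is an assumption, not something the scan states, and the sample URL is constructed with dummy hex values.

```javascript
// Added example, not from the skill: fail-closed handling of the NWC connection
// string that ALBY_NWC_URL holds. The URI format assumed here is the NIP-47 one:
//   nostr+walletconnect://<wallet-pubkey-hex>?relay=<wss-url>&secret=<32-byte-hex>[&lud16=...]
// The secret is a Nostr private key with spending capability, so these helpers
//   1. validate the URL before any SDK call,
//   2. produce a redacted copy that is safe to log, and
//   3. convert a requested amount to millisats only when it is within a caller-supplied cap.
// The sample URL at the bottom is constructed; its pubkey and secret are dummy hex.

const HEX_32_BYTES = /^[0-9a-f]{64}$/;

function parseNwcUrl(raw) {
  if (typeof raw !== "string" || raw.length === 0) {
    throw new Error("ALBY_NWC_URL is not set");
  }
  let u;
  try {
    u = new URL(raw);
  } catch {
    throw new Error("ALBY_NWC_URL is not a well-formed URL");
  }
  if (u.protocol !== "nostr+walletconnect:") {
    throw new Error(`unexpected scheme ${u.protocol}`);
  }
  // Non-special schemes keep the authority as an opaque host: that is the wallet pubkey.
  const walletPubkey = u.host.toLowerCase();
  if (!HEX_32_BYTES.test(walletPubkey)) throw new Error("wallet pubkey is not 32-byte hex");

  const relays = u.searchParams.getAll("relay");
  if (relays.length === 0) throw new Error("no relay in NWC URL");
  for (const r of relays) {
    // Require TLS to the relay; otherwise an on-path attacker can read the traffic.
    if (!r.startsWith("wss://")) throw new Error(`relay must use wss://, got ${r}`);
  }

  const secret = u.searchParams.get("secret") ?? "";
  if (!HEX_32_BYTES.test(secret)) throw new Error("secret is not 32-byte hex");

  return { walletPubkey, relays, secret, lud16: u.searchParams.get("lud16") };
}

// Copy that is safe to write to a log line: the secret is replaced, everything else kept.
function redactNwcUrl(raw) {
  return raw.replace(/([?&]secret=)[^&#]*/i, "$1<redacted>");
}

// Converts a whole-sat amount to millisats, rejecting non-integers, zero, negatives
// and anything above capSats. Call this before payInvoice or a keysend, never after.
function satsToMsatWithinCap(amountSats, capSats) {
  if (!Number.isSafeInteger(amountSats) || amountSats <= 0) {
    throw new Error("amount must be a positive integer number of sats");
  }
  if (!Number.isSafeInteger(capSats) || capSats <= 0) {
    throw new Error("cap must be a positive integer number of sats");
  }
  if (amountSats > capSats) {
    throw new Error(`amount ${amountSats} sats exceeds cap ${capSats} sats`);
  }
  return amountSats * 1000;
}

// Constructed sample; not a real wallet, relay or key.
const SAMPLE_NWC_URL =
  "nostr+walletconnect://" + "ab".repeat(32) +
  "?relay=wss://relay.example.com/v1&secret=" + "cd".repeat(32) +
  "&lud16=alice@example.com";

console.log(redactNwcUrl(SAMPLE_NWC_URL));
```

The cap passed to satsToMsatWithinCap is a per-call guard inside the agent; it complements, and does not replace, the spending limit configured on the connection in Alby Hub.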
Persistence & Privilege
The skill does not request always:true or other elevated platform privileges. It does not attempt to modify other skills or system-wide agent settings. Autonomy (disable-model-invocation=false) is platform default and not a standalone concern here.
What to consider before installing
This skill appears to implement the advertised Alby/NWC payment functionality, but two red flags should be addressed before installing.
(1) The registry metadata does not declare the ALBY_NWC_URL env var the code requires. Assume the NWC URL will be needed and treat it as extremely sensitive: it carries spending capability.
(2) package.json's test script runs scripts/wallet.js, which executes payment actions as soon as it loads. Do not run npm test unless you want those actions to execute. Audit the code (especially scripts/wallet.js) and consider removing or editing the test script before running any package scripts.
Only set ALBY_NWC_URL in a secure location (openclaw.json, as SKILL.md recommends), set spending limits in Alby Hub, and consider running the skill in an isolated environment or sandbox first. Verify the @getalby/sdk version and source, and prefer installing dependencies manually after inspection. For higher confidence, ask the publisher for a homepage or source repository (none is listed), or request that they update the registry metadata to declare ALBY_NWC_URL as the primary credential and remove or modify the auto-running test script.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
send_sats.mjs:3: Environment variable access combined with network send.
