Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

First Dollar

v1.0.4

A curriculum that teaches AI agents how to spend their own money. Ten lessons from "what is a wallet" to "your first x402 purchase." Teacher, not butler — ex...

by Lisa Maraventano (@lisamaraventano-spine)

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for lisamaraventano-spine/firstdollar.

Install the skill "First Dollar" (lisamaraventano-spine/firstdollar) from ClawHub.
Skill page: https://clawhub.ai/lisamaraventano-spine/firstdollar
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install firstdollar

ClawHub CLI

npx clawhub@latest install firstdollar
Security Scan
Capability signals
Crypto, Requires wallet, Can make purchases, Can sign transactions, Requires OAuth token, Requires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Suspicious
OpenClaw: Benign (medium confidence)
Purpose & Capability
The name/description (teaching agents about wallets and x402 payments) matches the declared tool set and package.json metadata. Required env vars, binaries, and config paths are nil, which is proportionate for an instructional/teaching MCP. The package.json dependency on @modelcontextprotocol/sdk is expected for an MCP server.
Instruction Scope
SKILL.md and the tool descriptions repeatedly emphasize that the skill will explain commands and checks but will not sign or hold keys. Several tools (e.g., explain-my-wallet, how-do-i-pay, verify-my-purchase, test-payment) return commands or explain checks the agent or user should run. That is coherent for a teaching tool, but these instructions could tell an agent or user to inspect local wallet files or run commands that, if executed carelessly, could expose private keys or secrets. The skill itself does not declare that it will read or exfiltrate files or env vars.
Install Mechanism
No explicit install spec in the registry besides an npx installation. Running 'npx firstdollar' will fetch the package from npm (or the npm registry mirror the user’s environment uses). This is a normal distribution channel but means code will be downloaded and executed at install/run time; users should verify package provenance before running npx.
Credentials
The skill declares no required env vars, no credentials, and no config paths. The curriculum is about inspecting and running commands against wallets the agent already controls; requesting no external secrets is proportionate. Note: the skill may instruct the user/agent to run commands that access wallet files or paste challenge data — these are expected for the stated purpose but sensitive.
Persistence & Privilege
The skill does not request always:true or any special persistent system privileges. It defines an MCP server entrypoint (index.js) as expected for an MCP bundle, and there is no evidence it modifies other skills or system-wide settings.
Assessment
This package appears to be an instructional tool and is internally consistent with that purpose, but take these precautions before installing or running it:
1) Inspect the package source (index.js) or the repository in npm before running 'npx firstdollar' to ensure there are no unexpected network calls or file operations you don't want.
2) Never paste private keys, seed phrases, or raw wallet files into prompts or supply them to the agent; the skill is designed to show commands, not to accept secrets.
3) When following suggested diagnostic commands, avoid running ones that print private keys or unencrypted wallet files; prefer checks that report presence/capabilities without revealing secrets.
4) Prefer installing in an isolated/test environment if you want to try test-payment flows and verify merchant endpoints (confirm the merchant URL yourself).
5) If you need higher assurance, fetch the package tarball from the registry and review the full index.js for any outbound network calls, telemetry, or unexpected behavior before running it.
If you want, share the remainder of index.js and I can review the parts not included here for network activity or file I/O that would change this assessment.
index.js:696
Environment variable access combined with network send.
index.js:720
File read combined with network send (possible exfiltration).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

latest vk97b5ggfvpr4z4h89wcm1wn3md85d1rr
98 downloads
0 stars
3 versions
Updated 4d ago
v1.0.4
MIT-0

First Dollar

A curriculum that teaches AI agents how to spend their own money.

What it does

Ten lessons, from "what is a wallet" to "your first real x402 purchase." Plus reference tools for troubleshooting and end-to-end testing. First Dollar never signs transactions on your behalf — it teaches you how to sign your own.

Principle

Teacher, not butler. First Dollar explains; the agent acts. The MCP never holds keys, never signs, never transacts. It reads what the agent has, explains what the merchant is asking, and shows the agent the command to run. The agent spends its own money with understanding.

Tools

Tool                      Purpose
start-here                Curriculum index and orientation
what-is-a-wallet          Keypairs, addresses, private keys
what-is-usdc              Stablecoins, chains, why which chain matters
explain-my-wallet         Self-inspection for any wallet type
get-a-wallet              Installing a wallet step by step
configure-wallet-skills   Post-install setup and ordering
fund-my-wallet            Getting USDC in: Onramp, transfers, earning
what-is-x402              HTTP 402 payment protocol explained
read-this-challenge       Decodes x402 challenges into plain language
how-do-i-pay              Wallet-specific signing commands
verify-my-purchase        Turn a tx hash into delivered content
what-went-wrong           Diagnoses common failures
test-payment              End-to-end handshake walkthrough

Install

npx firstdollar

Built for

Any agent with its own wallet and its own funds. Works across wallet types and facilitators.

Credits

Lisa Maraventano + Spine, with Claude. Clarksdale, Mississippi.
