Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

lobstercash

v0.0.4

Use this skill when the user wants to spend money, make purchases, send crypto, pay for APIs, or manage an AI agent's payment wallet. Covers buying products...

by Manuel Hidalgo (@manu-xmint)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (medium confidence)
Purpose & Capability
The name/description (payments, virtual cards, sending crypto, x402 API payments) match the runtime instructions: the SKILL.md consistently directs the agent to the @crossmint/lobster-cli and to commands that implement wallet setup, deposits, cards, sends, tx signing, and x402 fetching. There are no unrelated environment variables, binaries, or config paths declared that would be out of scope for a payments skill.
Instruction Scope
All instructions stay within payment/wallet tasks: run CLI commands (status, store, request card, request deposit, balance, send, tx create/approve, x402 fetch), show approval URLs to the user, and require human confirmation for write operations. The SKILL.md explicitly forbids polling for approval, asking for private keys, or revealing secrets without user consent. The update check fetches a remote SKILL.md from GitHub and compares npm package versions — network calls to npm/GitHub are expected for this workflow.
Install Mechanism
The skill is instruction-only but directs the agent/user to run an npm package via npx or npm install -g (@crossmint/lobster-cli). Pulling a CLI from npm is expected for a CLI-backed skill, but it does entail executing third-party code at runtime. The remote SKILL.md is fetched from raw.githubusercontent.com (a common release host). Recommend verifying the npm package and GitHub repository identity/reputation before installing or running it.
Credentials
The skill does not require or declare any secrets or environment variables; it only mentions an optional LOBSTER_AGENT_ID for parallel agent runs. The workflow relies on human approval URLs rather than asking for private keys or external credential environment variables, which is proportionate for a payments tool.
Persistence & Privilege
always:false (not force-included). Model-invocation is allowed (default), which is normal for skills, but because this skill can initiate payments and reveal card credentials, you should ensure policy and runtime controls prevent the model from autonomously initiating financial operations without explicit, recent user consent.
Assessment
This skill appears coherent for handling payments via a third-party CLI, but it relies on installing/running the @crossmint/lobster-cli from npm and fetching data from GitHub. Before installing or running it:
1) verify the npm package (@crossmint/lobster-cli) and the Crossmint GitHub repo are legitimate and match the publisher you expect;
2) prefer running npx with an exact version (or inspect the package) if you want reproducibility;
3) ensure your agent is configured so it will not autonomously execute payment or card-reveal flows without explicit user approval;
4) never paste or store private keys; this skill's flow uses consent URLs and virtual cards rather than asking for keys, which is safer;
5) treat any revealed card credentials as highly sensitive and only use them in trusted merchant checkouts.

Like a lobster shell, security has layers — review code before you run it.

latest: vk9759d3xsxwt63y9cxtaa6g8sx83yc5b
