Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
ampersend
v1.0.14
Ampersend CLI for agent payments
by Matias @matiasedgeandnode
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name, description, and runtime instructions consistently describe a CLI-based agent payment tool that requires an external 'ampersend' binary; the declared requirements (single required binary) are proportionate to the described capability.
Instruction Scope
SKILL.md instructs the agent to run the ampersend CLI to create agent keys, request user approval, and perform paid HTTP requests automatically (ampersend fetch). That behavior is consistent with the stated purpose but grants the agent the ability to execute real payments under configured spending limits; ensure the agent is restricted to inspect-only or strict limits if you do not want autonomous payments.
Install Mechanism
There is no formal install spec in the registry entry (instruction-only), but SKILL.md directs users to run a global npm install of @ampersend_ai/ampersend-sdk@0.0.14. Installing a global npm package executes third-party code — acceptable if the package and publisher are trusted, but the skill metadata lacks a homepage/source or provenance, increasing risk.
Credentials
The skill declares no required environment variables (proportionate). However, the CLI generates and stores agent keys/accounts via setup/config commands; these secrets live outside the skill metadata and could be created or used by the agent — verify where the CLI stores keys and who can access them.
Persistence & Privilege
always:false and default autonomous invocation are set (normal). The combination of autonomous invocation with a payments-capable tool increases blast radius if misused, but the registry flags themselves do not request elevated persistence or modify other skills.
What to consider before installing
This skill appears to do what it says (operate an Ampersend CLI to enable agent payments), but exercise caution before installing or enabling it. Recommendations:
- Verify the npm package and publisher (@ampersend_ai) on the npm registry and inspect the package contents/source repository before running npm install -g.
- Test on a staging network or testnet (sepolia/staging API) and with small limits first; prefer --inspect to preview costs before allowing real payments.
- Set very conservative daily/monthly/per-transaction limits and disable auto-topup unless absolutely necessary.
- Do not give the agent browser access or system access to secret stores; follow the SKILL.md advice to have the human approve the user_approve_url in their own browser.
- Audit where the CLI stores agent keys/config and restrict filesystem access to those files. Consider running the CLI in a constrained environment (container or VM) to limit impact.
If you cannot verify the npm package source or the vendor, treat installation as higher-risk and consider skipping or requesting a skill version with verifiable source code.
Like a lobster shell, security has layers — review code before you run it.
Runtime requirements
Bins: ampersend
