v1.0.0

Mayar

Review: ClawScan verdict for this skill. Analyzed May 10, 2026, 8:00 PM.

Analysis

This Mayar payment skill is purpose-aligned, but it asks agents to run an unpinned latest npm CLI with a payment API key and can perform account-changing payment operations.

Guidance: Review before installing. If you use it, verify the Mayar CLI package source, consider pinning a trusted version instead of using `@latest`, provide only a limited Mayar API key, and require the agent to ask before creating, closing, reopening, or registering anything in your payment account.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
install_command: npx -y mayar@latest
invoke_prefix: npx -y mayar@latest
...
# Always use the latest version — no install step required

The skill directs agents to execute the latest npm package rather than a pinned, reviewed version. Because this CLI receives a payment API key and can alter payment-account data, unpinned runtime provenance is a material supply-chain concern.

User impact: A changed or compromised npm package version could run under the user's agent and Mayar credentials.
Recommendation: Verify the npm package and GitHub repository, prefer a pinned version, and avoid granting the API key until the exact CLI version is trusted.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
npx -y mayar@latest invoice close <id>
npx -y mayar@latest invoice create --data '<json>'
...
npx -y mayar@latest payment create --data '<json>'
...
npx -y mayar@latest webhook register <url>

These commands can create or change payment-platform records and register webhooks, but the skill does not require explicit user confirmation or scoped approval before such state-changing actions.

User impact: An agent could make unintended changes to invoices, payments, products, customers, or webhook settings if a task is misunderstood or over-broad.
Recommendation: Use read-only commands first, require explicit confirmation for create/close/reopen/register operations, and verify IDs, JSON payloads, and webhook URLs before execution.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low | Confidence: High | Status: Note
SKILL.md
MAYAR_API_KEY:
  description: Mayar API key...
  required: true
  secret: true
...
auth:
  type: bearer
  resolution_order:
    - flag: --api-key
    - env: MAYAR_API_KEY
    - file: ~/.config/mayar/config.json

The skill clearly requires a bearer API key and can also use a saved local config file. This is expected for a payment-platform CLI, but it is sensitive account authority.

User impact: Anyone or any process with this key may be able to access or change Mayar account data according to the key's permissions.
Recommendation: Use the least-privileged Mayar key available, store it in a secret-safe environment, avoid passing it on the command line when possible, and rotate it if exposed.