Payclaw Io Pub

Security checks across malware telemetry and agentic risk

Overview

PayClaw is a disclosed payment and merchant-identity integration with sensitive but purpose-aligned behavior and human approval for purchases.

Install only if you want your agent to use PayClaw for merchant identity and human-approved purchases. Confirm the merchant, item, amount, and purpose before approving any card issuance, and review PayClaw controls for monitoring or revoking the stored Consent Key.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The skill description and metadata market the capability in very broad terms ('lets them pay', 'authorized actor at any UCP-compliant merchant') without clearly constraining when an agent should invoke it. In practice, this can cause over-activation in loosely related commerce contexts, leading an agent to disclose identity credentials or initiate payment flows more often than intended.

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The guidance says the agent calls `payclaw_getAgentIdentity` 'before acting at any merchant' and presents this as the default behavior, but it does not define boundaries for 'acting' or require user consent for identity disclosure. Because this skill issues merchant-facing identity assertions and can later facilitate payment, ambiguous trigger conditions materially increase the risk of unnecessary credential sharing, unintended merchant interaction, and escalation into purchases.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal