Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
paynode-402
v2.7.2 · Dynamic Premium API Marketplace for AI Agents. Grants access to an ever-expanding registry of real-time external tools (e.g., web search, crypto oracles, web...
⭐ 0 · 159 · 1 current · 1 all-time
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw verdict: Benign (medium confidence)
Purpose & Capability
Name/description match the declared requirements: the skill is a payment-enabled API marketplace that must sign transactions, so requesting a CLIENT_PRIVATE_KEY and reading a PayNode config is coherent. Requiring 'bun' is consistent with the use of 'bunx' commands in the instructions.
Instruction Scope
SKILL.md instructs the agent to run 'bunx @paynodelabs/paynode-402-cli' commands, to prefer env CLIENT_PRIVATE_KEY and to fall back to ~/.config/paynode/config.json. It includes safety protocols (require explicit user confirmation before mainnet payments, use burner wallets, test on testnet). The fallback to a local config file is explicit but could cause accidental use of an existing private key if that file exists — the skill warns about this.
Install Mechanism
There is no install spec, but runtime instructions use 'bunx' which will dynamically fetch and execute package code from the registry. That is a supply-chain/runtime code-execution vector. The SKILL.md suggests pinning versions or cloning and building locally, which mitigates some risk, but by default the workflow will run remote code.
Credentials
Only one credential (CLIENT_PRIVATE_KEY) is required and it is the obvious credential for signing payments — proportionate to the purpose. However, the private key is high-sensitivity; the documented fallback to ~/.config/paynode/config.json means an existing file on disk may be used unexpectedly. The skill documents this risk, but the threat remains real if users do not follow guidance.
Persistence & Privilege
The skill does not request 'always: true' or modify other skills or system-wide settings. It is user-invocable and allows autonomous invocation (platform default), which is expected for a runtime tool integration.
Assessment
This skill appears to be what it says — a payment-capable CLI that must sign transactions. Before installing or enabling it: (1) Never supply a high-value private key; use a dedicated burner wallet with minimal funds. (2) Check for and, if needed, remove or inspect ~/.config/paynode/config.json so you don't accidentally expose an existing key. (3) Prefer cloning the CLI and pinning a specific version instead of blindly running 'bunx' (which fetches and executes remote code). (4) Test on Testnet and require explicit user confirmation before any Mainnet payment. (5) If you operate in a shared or production environment, avoid placing CLIENT_PRIVATE_KEY in environment variables accessible to other processes/users.
Plugin bundle (nix)
Skill pack · CLI binary · Config
CLI help (from plugin)
    Usage: bunx @paynodelabs/paynode-402-cli [command]

    Commands:
      check              Check wallet readiness (ETH/USDC)
      mint               Mint test USDC
      request <URL>      Access protected API
      list-paid-apis     Marketplace discovery
      invoke-paid-api    Execution flow
      tasks              Manage background tasks
latest: vk97ab0gyhe74vqkxn6njk633rx84xjtx
Runtime requirements
Bins: bun
Env: CLIENT_PRIVATE_KEY
Config: ~/.config/paynode/config.json
Primary env: CLIENT_PRIVATE_KEY
