PayPol Agent Marketplace

Verdict: Suspicious. Audited by ClawScan on May 10, 2026.

Overview

The skill is transparent about calling PayPol, but it can trigger real blockchain transactions and bulk fund movements through your API key, and the reviewed artifact shows no built-in confirmation step, amount cap, or scope limit before execution.

Use this skill only if you intend to let OpenClaw call PayPol for real Tempo L1 transactions. Before using it with funds, verify the API endpoint, use a restricted key and low-balance wallet, require manual review of every payment or contract action, and avoid bulk or sweep operations unless you have confirmed all recipients, amounts, and consequences.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A mistaken or over-broad prompt could cause real blockchain actions such as payments, escrow releases, wallet sweeps, or contract deployments.

Why it was flagged

The helper allowlists agents that can transfer tokens, sweep wallets, and collect fees, then posts the user prompt directly to an execution endpoint. The local artifact does not show a confirmation, dry-run, amount cap, or recipient validation before execution.

Skill content
VALID_AGENTS=( ... "token-transfer" ... "wallet-sweeper" ... "fee-collector" ) ... curl -s --max-time "$TIMEOUT" -X POST "${API_BASE}/agents/${AGENT_ID}/execute"
Recommendation

Require an explicit user approval step with a transaction preview, verified recipients and amounts, spending limits, and a restricted allowlist of agent IDs before calling the execute endpoint.

Concern (Medium Confidence)
ASI03: Identity and Privilege Abuse
What this means

If the API key has spending or wallet authority, installing and using this skill could let the agent make irreversible account or fund changes through PayPol.

Why it was flagged

The PayPol API key is a delegated credential used for real transaction-capable operations. The artifacts do not describe credential scopes, revocation behavior, read-only versus spend authority, or per-operation limits.

Skill content
Every agent executes real smart contract transactions - no mock data. ... Authentication: Include your API key in the header: X-API-Key: ${PAYPOL_API_KEY}
Recommendation

Use a least-privilege PayPol key, a dedicated low-balance wallet/account, explicit spending caps, and revoke or rotate the key when not needed.

Concern (High Confidence)
ASI08: Cascading Failures
What this means

One bad instruction or misread workflow could propagate across multiple escrows, recipients, or payments instead of affecting only one item.

Why it was flagged

The documented workflow encourages batch settlement that can release funds across multiple jobs in one operation. On-chain batch actions have limited reversibility if a job list, recipient, or instruction is wrong.

Skill content
./scripts/paypol-hire.sh escrow-batch-settler "Batch settle all 3 escrow jobs - mark all as complete and release funds to workers."
Recommendation

Use dry runs and per-item confirmations for batch operations, and start with small test transactions before approving bulk settlements or payments.
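The two recommendations above (an approval step with a transaction preview, verified recipients and amounts, a spending cap, and a narrow agent allowlist before the execute call; and per-item confirmation with dry runs instead of one batch settlement prompt) can be enforced by a wrapper that sits in front of the skill's curl call. The following is an added example and not code from the PayPol skill or from ClawScan. It assumes the execute endpoint shape seen in the skill excerpt (POST ${API_BASE}/agents/${AGENT_ID}/execute with an X-API-Key header); the JSON body shape, the ALLOWED_AGENTS set, the MAX_AMOUNT value, the placeholder API_BASE, the function names, the EVM-style 0x recipient format, and the sample job lines are all assumptions made for illustration.

```shell
#!/bin/sh
# Added example: a policy guard in front of the skill's execute call.
# Not part of the PayPol skill. Endpoint path and X-API-Key header are
# taken from the audited SKILL.md; everything else below is assumed.

API_BASE="${API_BASE:-https://api.paypol.example}"   # placeholder; verify the real endpoint
TIMEOUT="${TIMEOUT:-30}"

# Policy (hypothetical values): a deliberately narrower allowlist than the
# skill's VALID_AGENTS (no wallet-sweeper, no fee-collector), and the largest
# integer token amount a single call may move.
ALLOWED_AGENTS="token-transfer escrow-batch-settler"
MAX_AMOUNT="${MAX_AMOUNT:-50}"

# 0 if the agent id is on the wrapper's own allowlist.
is_allowed_agent() {
  for a in $ALLOWED_AGENTS; do
    [ "$a" = "$1" ] && return 0
  done
  return 1
}

# 0 if the recipient looks like a 20-byte EVM address (0x + 40 hex chars);
# the 0x format is assumed from the "callerWallet": "0x..." field in the API reference.
valid_recipient() {
  printf '%s\n' "$1" | grep -Eq '^0x[0-9a-fA-F]{40}$'
}

# 0 if the amount is a non-negative integer no larger than MAX_AMOUNT.
within_cap() {
  printf '%s\n' "$1" | grep -Eq '^[0-9]+$' || return 1
  [ "$1" -le "$MAX_AMOUNT" ]
}

# Run every check and explain the first failure. 0 means the call is permitted.
check_request() {
  is_allowed_agent "$1" || { echo "denied: agent '$1' not allowlisted" >&2; return 1; }
  valid_recipient "$2"  || { echo "denied: malformed recipient '$2'" >&2; return 1; }
  within_cap "$3"       || { echo "denied: amount '$3' is not an integer <= $MAX_AMOUNT" >&2; return 1; }
}

# Build a prompt that names exactly one recipient, amount and (optionally) job,
# so the model is never handed a "settle all" or "sweep" instruction.
build_prompt() {
  if [ -n "$3" ]; then
    printf 'Settle escrow job %s only: release %s tokens to %s. Do not touch any other job or wallet.' "$3" "$2" "$1"
  else
    printf 'Send exactly %s tokens to %s. Do not touch any other wallet.' "$2" "$1"
  fi
}

# Print a preview; send only when DRY_RUN=0 and the operator types APPROVE.
# DRY_RUN defaults to 1, so nothing leaves the machine unless explicitly enabled.
# Args: agent recipient amount [job_id]
guarded_execute() {
  check_request "$1" "$2" "$3" || return 1
  prompt=$(build_prompt "$2" "$3" "${4:-}")
  echo "--- transaction preview ---"
  echo "agent:     $1"
  echo "recipient: $2"
  echo "amount:    $3 (cap $MAX_AMOUNT)"
  echo "prompt:    $prompt"
  if [ "${DRY_RUN:-1}" = "1" ]; then
    echo "dry run: not sending POST ${API_BASE}/agents/$1/execute"
    return 0
  fi
  printf 'Type APPROVE to send: '
  read -r answer </dev/tty || return 1        # fails closed when no terminal is attached
  [ "$answer" = "APPROVE" ] || { echo "aborted" >&2; return 1; }
  # Body shape is assumed; prompts built above contain no quotes or backslashes,
  # so this simple quoting is safe here. Use a JSON tool for arbitrary text.
  curl -s --max-time "$TIMEOUT" -X POST "${API_BASE}/agents/$1/execute" \
    -H "X-API-Key: ${PAYPOL_API_KEY:?set PAYPOL_API_KEY}" \
    -H 'Content-Type: application/json' \
    --data "{\"prompt\": \"$prompt\"}"
}

# Replace "settle all N jobs" with one guarded call per job, read from stdin as
# "job_id recipient amount" lines. The first rejected or aborted item stops the
# loop, so later jobs are never touched on the strength of a bad list.
settle_jobs_individually() {
  n=0
  while read -r job recipient amount; do
    [ -n "$job" ] || continue
    echo "== job $job =="
    guarded_execute escrow-batch-settler "$recipient" "$amount" "$job" || return 1
    n=$((n + 1))
  done
  echo "$n job(s) processed"
}

# Constructed sample input (not real jobs); runs as a dry run by default.
printf 'job_a 0x0123456789abcdef0123456789abcdef01234567 10\njob_b 0x0123456789abcdef0123456789abcdef01234567 20\n' \
  | settle_jobs_individually
```

Run it with DRY_RUN=1 (the default) first to see the previews that would be sent, then with DRY_RUN=0 and a small MAX_AMOUNT against a low-balance wallet and restricted key; every real send still requires typing APPROVE at a terminal, so the wrapper cannot be driven non-interactively by a prompt.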

What this means

Prompts may contain business, wallet, payment, or project details that are sent to PayPol or downstream agent infrastructure.

Why it was flagged

The API reference documents webhook-style agent developer flows where task prompts, wallet identifiers, budgets, and deadlines may be passed to another agent service. This appears purpose-aligned, but users should understand what task data leaves their environment.

Skill content
POST https://your-agent.com/webhook { "jobId": "job_abc123", "prompt": "User's task description", "callerWallet": "0x...", "maxBudget": 200, "deadline": "2025-12-31T23:59:59Z" }
Recommendation

Avoid putting unnecessary secrets in prompts, verify which PayPol agents are native or third-party, and use a trusted API endpoint.

What this means

A future install could resolve a different package version than the one that was reviewed.

Why it was flagged

The source is listed as unknown and the install spec pulls an npm package without a pinned version. The provided scripts do not show malicious behavior, so this is a provenance and dependency hygiene note rather than a standalone concern.

Skill content
Source: unknown ... Install specifications: [0] node | package: axios
Recommendation

Install only from a trusted registry/source, prefer pinned dependency versions, and verify the skill package before using it with real funds.