StablePay OpenClaw Plugin
Security checks across malware telemetry and agentic risk
Overview
This appears to be a real StablePay wallet/payment plugin, but it grants broad wallet-signing and payment authority that users should review carefully before enabling.
Install only if you intend to give OpenClaw wallet-signing and StablePay payment capabilities. Use trusted backends, keep auto-payment thresholds minimal, protect the master key and OWS credentials, and require manual approval for raw signing or payment execution.
VirusTotal
VirusTotal engine telemetry is currently stale for this artifact.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If enabled with an auto-purchase threshold, the agent may be able to sign and submit StablePay payments within that limit.
When the amount is at or below the stored auto-purchase threshold, the demo flow signs and submits the payment with no additional confirmation step visible in the reviewed artifacts.
```javascript
if (amount > status.payment_config.autoPurchaseThresholdUsdc) { ... return; }
...
const paymentSignature = await runtime.signMessage({ ... });
...
const payResponse = await client.paySigned(payPayload, { ... });
```
Keep auto-purchase thresholds low or zero, require explicit user approval for payment tools, and restrict tool access to trusted tasks/backends.
A model or user with access to this tool could obtain valid wallet signatures over arbitrary messages, not only over a specific payment transaction.
The runtime signs caller-provided message content directly using the configured wallet, OWS CLI, OWS REST, or local private key, rather than limiting signatures to a narrow payment-policy payload.
```javascript
const payload = append ? `${params.message}${timestamp}${nonce}` : params.message;
...
signature = signWithOwsCli(state.walletName, params.chain ?? "solana", payload);
...
const raw = crypto.sign(null, Buffer.from(payload, "utf8"), state.localDevPrivateKeyPem);
```
Limit raw signing to trusted users, add explicit approval for every signature, and prefer a constrained payment-signing tool that validates recipient, amount, currency, and purpose.
The plugin may run the local OWS executable when configured for OWS CLI signing.
The plugin intentionally supports invoking the local OWS CLI for signing; this is disclosed and aligned with the wallet-signing purpose.
`ows sign message --wallet <name> --chain solana --message '<canonical>' --json`
Install OWS only from trusted sources, and verify the configured wallet name and the PATH before enabling the CLI signing runtime: whichever `ows` executable resolves first on the PATH is the one that receives the signing requests.
Local wallet material and payment policy data persist on disk and could be exposed if the master key or local machine is compromised.
The plugin stores persistent encrypted wallet state locally and depends on a master-key environment variable to protect it.
The plugin will use a local AES-256-GCM encrypted state file as the current development fallback ... Set `STABLEPAY_PLUGIN_MASTER_KEY` before using the local wallet runtime.
Use a strong unique master key, protect the local state file, avoid local-dev custody for production funds, and remove the state file when no longer needed.
