Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Clawtar

v1.0.3

Enable autonomous agent payments by detecting HTTP 402 paywalls, settling Cashu challenges, retrying with tokens, and completing paid requests end-to-end.

by Rob Woodgate (@robwoodgate)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
The name/description (Cashu paywall handling) align with the SKILL.md: it documents detecting HTTP 402, reading x-cashu, settling via cocod or a user-supplied token, and retrying with X-Cashu. The skill does not request unrelated credentials or system access.
Instruction Scope
Instructions are narrowly scoped to making the POST to the specified endpoint, reading the response header, and either calling cocod or asking the user for a token. The SKILL.md explicitly advises asking user permission before spending. It does suggest installing/using cocod (an external payment tool) which will require the agent to perform network/download and execute a separate binary if the human allows — the skill itself does not include or run that code.
Install Mechanism
There is no automated install spec (instruction-only). However the doc links an external cocod resource (https://clawhub.ai/Egge21M/cocod). If you choose to follow that path, review cocod's source and distribution before installing; the skill does not itself download or install anything.
Credentials
The skill declares no environment variables, no credentials, and no config paths. Asking the human for a Cashu token is appropriate for the described purpose, but any token the user supplies grants spending power and should be treated sensitively.
Persistence & Privilege
The skill is not always-enabled, does not request persistent system-wide changes, and contains no code that modifies other skills or agent settings. It relies on runtime prompts to the user for permission to spend or to install additional tooling.
Assessment
This skill appears to do what it says: it's a demo flow for Cashu-gated HTTP requests. Before installing or using it, consider: (1) The skill will ask you for permission before spending — do not grant permission unless you understand the cost and trust the endpoint. (2) If you allow the agent to install or run cocod, verify cocod's source and integrity (downloading/executing third-party binaries has risk). (3) Any Cashu token you provide is a spending credential—treat it like money and only paste it into trusted endpoints. (4) If you do not want autonomous spending, refuse install/permission requests and instead provide tokens manually when needed. Additional confidence would come from a known source/homepage or included code (this is an instruction-only demo with no provenance), so exercise usual caution when granting payment permissions.

Like a lobster shell, security has layers — review code before you run it.
