Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

SatsRail MCP — Bitcoin Lightning Payments for AI Agents

v1.0.0

Enable AI agents to create Bitcoin Lightning payment orders, generate invoices, check payment status, and manage payments via natural language with SatsRail...

by Ruby Tuesday (@rubytuess)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Suspicious
OpenClaw
Suspicious
high confidence
Purpose & Capability
The described capabilities (create orders, generate bolt11 invoices, check payment status) are coherent with a SatsRail Lightning integration. However, the registry metadata claims no required environment variables or binaries while the SKILL.md explicitly instructs the operator to provide a SATSRAIL_API_KEY and to invoke npx (npx/npm) to run the satsrail-mcp package. That mismatch (undeclared secret and undeclared runtime dependency) is an inconsistency.
Instruction Scope
The instructions stay focused on integrating an MCP server with SatsRail: configuring an MCP server entry, providing an API key in the server env, and invoking the satsrail-mcp npm package. The SKILL.md does not instruct the agent to read unrelated files or exfiltrate other system secrets. It does, however, instruct the environment to execute code fetched from npm at runtime (via npx), which increases the scope of what will run.
Install Mechanism
There is no install spec in the registry metadata, but the SKILL.md example uses 'npx -y satsrail-mcp' — this implies runtime download and execution of an npm package. Fetching and executing code from npm at runtime is a moderate-to-high risk if you haven't audited the package source. The SKILL.md points to GitHub and npm pages (helpful), but the package install/execute behavior should have been declared explicitly in the metadata.
Credentials
Registry metadata lists no required env vars, yet SKILL.md requires a SATSRAIL_API_KEY (sk_live_... / sk_test_...) to operate. Requesting one service-specific API key is reasonable for a payments integration, but the omission in metadata is a red flag. The skill does not request unrelated credentials, which is good; the issue is the missing declaration of a required secret and guidance about its scope/permissions.
Persistence & Privilege
The skill does not request always:true and is user-invocable only; model invocation is allowed (the platform default). The skill does not declare or request system-wide config changes beyond adding an MCP server entry with the API key — that is expected for this integration. No evidence of the skill modifying other skills or system-wide settings.
What to consider before installing
This skill appears to do what it claims (Lightning payments through SatsRail) but contains important inconsistencies and a runtime install behavior you should consider before enabling it. Before installing:

1. Verify the satsrail-mcp npm package and the linked GitHub repo — review source and recent maintainer activity.
2. Use a test API key (sk_test_...) and restrict permissions if possible.
3. Expect that npx/npm must be available in the runtime environment — the metadata should have declared that.
4. Prefer explicitly installing and auditing the npm package ahead of giving the agent a live key rather than allowing automatic npx downloads at runtime.
5. Run the integration in an isolated or monitored environment and check logs/network egress for unexpected behavior.
6. Ask the publisher/registry owner to update the metadata to declare SATSRAIL_API_KEY and the npx/npm dependency so you can make an informed risk decision.

Like a lobster shell, security has layers — review code before you run it.

Tags: bitcoin, latest, lightning, mcp, payments, satsrail

