PayTheFlyPro
Verdict: Warn. Audited by ClawScan on May 10, 2026.
Overview
The skill appears to do what it advertises, but it can use a private signer key to create crypto withdrawal authorization links, which is high-impact and needs explicit user review.
Install only if you trust the PayTheFlyPro integration and can protect the signer key. Treat generated withdrawal links as sensitive authorization artifacts, verify every recipient and amount before creation, use a dedicated signer with minimal authority, and consider pinning npm dependencies before use.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If an agent or anyone with access to the environment invokes this with the signer key, it can generate withdrawal authorization links for chosen recipients and amounts.
The script creates a signed withdrawal URL using caller-supplied recipient and amount values. That is consistent with the skill purpose, but it is high-impact financial authorization and the artifacts do not show a built-in confirmation, amount limit, recipient allowlist, or other guardrail before signing.
const signature = await wallet.signTypedData(domain, WITHDRAWAL_REQUEST_TYPES, value);
...
const url = new URL(`${BASE_URL}/withdraw`);
...
url.searchParams.set('user', params.user);
...
url.searchParams.set('amount', params.amount);
...
url.searchParams.set('signature', signature);

Require explicit user confirmation of recipient, amount, token, serial number, chain, and deadline before generating withdrawal links; keep deadlines short and consider adding allowlists or maximum amounts.
Compromise or unintended use of this environment variable could let someone create valid signed payment or withdrawal links for the configured project.
The skill requires a private signer key. The code uses it for local signing rather than directly transmitting the key, but it is still sensitive delegated authority for creating PayTheFlyPro authorization signatures.
Variable | Required | Description
`PTF_SIGNER_KEY` | Yes | Private key for signing (dedicated wallet, no funds needed)
Use a dedicated signer wallet, restrict access to the environment variable, rotate it if exposed, and avoid using any wallet that holds funds or has unrelated authority.
Future installs may receive different dependency versions than the reviewer saw.
The install instructions pull whatever npm package versions are current at install time; the artifact set contains neither pinned versions nor a lockfile. This is a common setup pattern, but it means dependency contents can change between the reviewed install and a later one.
npm install ethers tronweb
Prefer pinned dependency versions and a lockfile, especially for a skill that handles private signing keys.
