Routstr Skill

v1.0.0

Manage Routstr balance by checking balance, creating Lightning invoices for top-up, and checking invoice payment status

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
! Purpose & Capability
Name/description align with the scripts: they check balance, create invoices, check invoice status, and top up with Cashu. However, the skill bundle does not declare that it requires the user's OpenClaw config file or an API key: scripts read $HOME/.openclaw/openclaw.json for .models.providers.routstr.baseUrl and .apiKey but the registry metadata lists no required config paths or primary credential. That mismatch is unexplained and disproportionate to the metadata.
! Instruction Scope
The SKILL.md and scripts instruct the agent to read $HOME/.openclaw/openclaw.json and then call the configured BASE_URL endpoints. Reading a user config file in the home directory is a scope expansion that was not declared; although the scripts extract only routstr.baseUrl and apiKey, the fact that an agent will read a home config file should be explicit. The create_invoice.sh also embeds the API key into the JSON payload and topup_cashu.sh places tokens in URL query parameters; both actions transmit secrets to the configured BASE_URL (expected for the described purpose, but the target URL is entirely user-controlled via config).
Install Mechanism
There is no install spec (instruction-only style), but the skill includes executable shell scripts in the bundle. The scripts assume common CLI tools (jq, curl, awk) are available but the metadata does not declare required binaries. That increases the chance of runtime errors and hides an implicit dependency list; risk is moderate because these are standard tools but should be declared.
! Credentials
The skill uses an API key from the user's ~/.openclaw/openclaw.json but declares no required env vars or primary credential. Requesting access to a local config that may contain other secrets is more privileged than declared. This mismatch (using an undeclared credential source) is the main proportionality problem. Also note the scripts send the apiKey in request headers or payloads (expected for API calls) — you should ensure you trust the configured BASE_URL before giving the skill access to that file.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or system-wide settings. It appears to run only when invoked and does not request elevated persistence.
What to consider before installing
This skill mostly does what it says, but it reads your ~/.openclaw/openclaw.json for routstr.baseUrl and apiKey even though the registry metadata doesn't declare that. Before installing:
1) Inspect ~/.openclaw/openclaw.json to confirm it contains only the Routstr fields needed and no other secrets you don't want read.
2) Review the bundled scripts (they're provided) — note create_invoice.sh sends "amount_sats" but uses an msats value (likely a bug); topup_cashu.sh sends the cashu token as a query parameter.
3) Ensure jq, curl, awk are available or run in an environment that has them.
4) Only use this skill if you trust the configured BASE_URL (the scripts will send your API key and tokens there).
5) If you need higher assurance, ask the author to: declare the required config path and primary credential in metadata, list required binaries, and fix the msats/amount naming bug.
If you don’t trust the endpoint or prefer to be cautious, run these scripts manually in an isolated environment rather than granting autonomous agent access.
