Routstr Skill

Audited by ClawScan on May 1, 2026.

Overview

The skill is purpose-aligned for Routstr balance management, but it uses your local Routstr API key and can redeem top-up tokens, so verify amounts and tokens before use.

This skill appears coherent and purpose-aligned. Before using it, make sure the Routstr base URL and API key in ~/.openclaw/openclaw.json are correct, verify invoice amounts before paying, and only provide Cashu tokens you intend to redeem.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If run, the skill can use your Routstr account credential to retrieve account balance and usage information.

Why it was flagged

The script reads the user's local Routstr API key from OpenClaw configuration and uses it for account balance access, which is expected for this purpose but is sensitive account authority.

Skill content

CONFIG_FILE="$HOME/.openclaw/openclaw.json"
API_KEY=$(jq -r '.models.providers.routstr.apiKey' "$CONFIG_FILE")

Recommendation

Use only with the intended Routstr configuration, and ensure ~/.openclaw/openclaw.json points to the provider you trust.

What this means

Running the top-up script can irreversibly transfer value from a Cashu token into the Routstr account, and query parameters may be logged by the receiving service or intermediaries.

Why it was flagged

The script can redeem a user-supplied Cashu token to top up the Routstr balance. This is aligned with the skill purpose, but it is a payment-related mutation and the token is sent in a URL query parameter.

Skill content

RESPONSE=$(curl -s -X POST "${BASE_URL}/wallet/topup?cashu_token=$(echo "${CASHU_TOKEN}" | jq -sRr @uri)" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer ${API_KEY}")

Recommendation

Only run top-up with tokens you intend to redeem, verify the configured Routstr base URL first, and avoid sharing command logs containing Cashu tokens.

What this means

The skill may fail or behave unexpectedly if jq, curl, awk, or the Routstr OpenClaw config are missing, and users may not notice the credential dependency from metadata alone.

Why it was flagged

The registry metadata does not declare the local config/API key or command-line tools that the included scripts rely on, even though the behavior is disclosed in SKILL.md and source.

Skill content

Required binaries (all must exist): none
Required config paths: none
Primary credential: none

Recommendation

Before installing, confirm the required tools are available and review the Routstr API key/base URL configuration.