Settld MCP Payments
Connect OpenClaw agents to Settld MCP for paid tool calls with quote-bound authorization and verifiable receipts.
MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The SKILL.md purpose (connect to Settld MCP, run paid tool calls, produce receipts) is coherent with needing SETTLD_API_KEY, SETTLD_BASE_URL, and SETTLD_TENANT_ID. However, the registry metadata lists no required environment variables or primary credential despite SKILL.md explicitly naming these secrets. That inconsistency means the package's required privileges are not declared to the platform and may not be surfaced to users.
Instruction Scope
The runtime instructions are narrowly scoped to MCP interactions (calling settld.* tools, returning headers, running an MCP server). They do not instruct reading unrelated files or exfiltrating system data. They do, however, instruct running a server via `npx -y settld-mcp` and using API keys from env vars, which grants an external package the ability to execute arbitrary code at runtime — this broadens the effective scope beyond the written instructions.
Install Mechanism
There is no formal install spec in the skill manifest, but the SKILL.md and mcp-server.example.json direct users/agents to launch `npx -y settld-mcp`. npx dynamically fetches and executes a package from npm; the skill does not pin a package version, provide a checksum, or link to a repository or homepage. Dynamic npm fetch is a moderate-to-high risk without provenance or pinning, because arbitrary code may be downloaded and executed at runtime.
Credentials
The environment variables named in SKILL.md (SETTLD_API_KEY, SETTLD_BASE_URL, SETTLD_TENANT_ID, optional SETTLD_PAID_TOOLS_BASE_URL/SETTLD_PROTOCOL) are appropriate for a payment/settlement integration. However, the skill registry metadata did not declare any required env vars or primary credential, creating an omission that hides the fact that the skill needs sensitive secrets. Requiring live API keys without manifest declaration increases the risk of inadvertent exposure or misuse by runtime code.
Persistence & Privilege
The skill is not marked always:true and has no install-time persistence or config writes in the manifest. Autonomous invocation (default) is allowed; combined with a secret API key and the ability to run an npm package, an agent could autonomously make paid calls. This is not intrinsically incorrect, but users should be aware that the skill can be invoked by the agent and may incur charges if given credentials.
What to consider before installing
Before installing or running this skill:
1) Treat SETTLD_API_KEY as a sensitive secret — only provide a least-privilege or scoped key.
2) Ask the publisher for provenance: where is the settld-mcp npm package hosted, is there a source repository, a pinned version, and release checksums or signatures? Do not run unpinned npx commands in production.
3) Update the skill manifest or ask the registry owner to declare required env vars so the platform can surface the credential requirement.
4) If you must test, run the MCP server in an isolated environment (sandbox/container) and use test credentials and a billing limit.
5) Monitor billing and receipts for unexpected charges.
6) If you cannot verify the npm package source or author, treat this skill as high-risk and avoid providing real production credentials.
Like a lobster shell, security has layers — review code before you run it.
Current version: v0.1.0
Tags: latest, mcp, payments, settld, x402
SKILL.md
Settld MCP Payments Skill
This skill teaches OpenClaw agents to use Settld for paid MCP tool calls.
What This Skill Enables
- Discover Settld MCP tools (`settld.*`)
- Run paid tool calls with x402 challenge/authorize/retry flow
- Return verifiable payment/settlement headers from tool responses
- Produce audit-grade artifacts and receipts in Settld
Prerequisites
- Node.js 20+
- Settld API key (`SETTLD_API_KEY`)
- Settld API base URL (`SETTLD_BASE_URL`)
- Tenant id (`SETTLD_TENANT_ID`)
- Optional paid tools base URL (`SETTLD_PAID_TOOLS_BASE_URL`)
MCP Server Registration
Use the server definition in `mcp-server.example.json`.
Server command:
- command: `npx`
- args: `["-y","settld-mcp"]`
Required env vars:
- `SETTLD_BASE_URL`
- `SETTLD_TENANT_ID`
- `SETTLD_API_KEY`
Optional env vars:
- `SETTLD_PAID_TOOLS_BASE_URL`
- `SETTLD_PROTOCOL`
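A pre-flight audit of a server definition like the one above, checking the points the security scan raises (unpinned `npx` package, auto-confirmed install, undeclared secrets). This is an added example, not code from the skill or from Settld. The definition shape (`command`/`args`/`env`), the sample values, and the version `0.0.0` are constructed placeholders, since the page does not show `mcp-server.example.json` or name a package release.

```javascript
// Env vars SKILL.md lists as required.
const REQUIRED_ENV = ["SETTLD_BASE_URL", "SETTLD_TENANT_ID", "SETTLD_API_KEY"];
// Only an exact semver counts as pinned; "latest" and ranges such as "^1.0.0" do not.
const EXACT_VERSION = /^\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?$/;

// Split an npm spec ("name", "name@1.2.3", "@scope/name@1.2.3") into name and version.
function splitSpec(spec) {
  const at = spec.lastIndexOf("@");
  return at > 0
    ? { name: spec.slice(0, at), version: spec.slice(at + 1) }
    : { name: spec, version: null };
}

// Return a list of findings for one server definition (empty list = nothing flagged).
// Simplification: the first non-flag argument is taken to be the package spec.
function auditMcpServer(def) {
  const findings = [];
  const args = def.args || [];
  if (def.command === "npx") {
    const spec = args.find((a) => !a.startsWith("-"));
    if (!spec) {
      findings.push("npx: no package spec found");
    } else {
      const { name, version } = splitSpec(spec);
      if (!version || !EXACT_VERSION.test(version))
        findings.push(`unpinned: ${name} resolves to whatever npm serves at launch`);
    }
    if (args.includes("-y") || args.includes("--yes"))
      findings.push("auto-install: -y skips the npx install prompt");
  }
  const env = def.env || {};
  for (const key of REQUIRED_ENV)
    if (!env[key]) findings.push(`missing env: ${key}`);
  return findings;
}

// Constructed sample definitions (values are placeholders, not real endpoints or keys).
const ENV = { SETTLD_BASE_URL: "https://settld.example", SETTLD_TENANT_ID: "tenant_example",
              SETTLD_API_KEY: "<injected from secret store>" };
const SAMPLES = {
  asPublished: { command: "npx", args: ["-y", "settld-mcp"], env: ENV },
  pinned: { command: "npx", args: ["settld-mcp@0.0.0"], env: ENV }, // placeholder version
};

for (const [label, def] of Object.entries(SAMPLES))
  console.log(label, auditMcpServer(def));
```

An exact version pin only fixes which release is fetched; it does not replace reviewing the package source or running it in an isolated environment with test credentials.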
Agent Usage Pattern
- Call `settld.about` to verify connectivity.
- For paid search/data calls, use:
  - `settld.exa_search_paid`
  - `settld.weather_current_paid`
- For agreement lifecycle demo calls, use:
  - `settld.create_agreement`
  - `settld.submit_evidence`
  - `settld.settle_run`
  - `settld.resolve_settlement`
Smoke Prompts
- "Call `settld.about` and return the result JSON."
- "Run `settld.weather_current_paid` for Chicago in fahrenheit and include the `x-settld-*` headers."
Safety Notes
- Treat `SETTLD_API_KEY` as secret input.
- Do not print full API keys in chat output.
- Keep paid tools scoped to trusted providers and tenant policy.
