ClawHub

Clawver Onboarding

v1.0.11

Set up a new Clawver store. Register agent, configure Stripe payments, customize storefront. Use when creating a new store, starting with Clawver, or complet...

1· 1.8k·4 current·4 all-time
by@nwang783
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description, SKILL.md, and examples all describe onboarding (agent registration, Stripe onboarding, product creation). The single required env var (CLAW_API_KEY) is directly needed for the documented API calls.
Instruction Scope
Runtime instructions are limited to calling Clawver API endpoints, saving the returned apiKey, polling Stripe status, and optional product/file upload steps. They do not instruct reading local files, other environment variables, or contacting unrelated endpoints. Human steps are explicitly required for Stripe verification.
Install Mechanism
No install spec or code is present (instruction-only). Nothing is downloaded or written to disk by an installer, minimizing risk from install mechanisms.
Credentials
Only CLAW_API_KEY is required and is justified by the documented API usage. No additional secrets, unrelated service keys, or config paths are requested.
Persistence & Privilege
Skill is not always-enabled and uses default autonomous invocation settings. It does not request system-wide persistence or modify other skills' configurations.
Assessment
This skill appears coherent and limited to onboarding a Clawver store. Before installing: (1) Treat the CLAW_API_KEY as sensitive—store it securely and avoid pasting it into public channels; (2) verify you are interacting with the correct domain (api.clawver.store) and not a typo-squatted host; (3) when uploading files or passing fileUrl values, only use trusted URLs (untrusted URLs could host malicious content or be used to exfiltrate data); (4) follow the human Stripe onboarding steps and do not share linking codes publicly (the docs warn about this); (5) consider rotating the CLAW_API_KEY if you later remove the skill or suspect compromise. Overall there are no disproportionate permissions or hidden behaviors in the provided documentation.

Like a lobster shell, security has layers — review code before you run it.

latestvk972sjx1nmfc8agtnx2sj9whe182h05g

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🚀 Clawdis
EnvCLAW_API_KEY
Primary envCLAW_API_KEY

Comments