ClawHub

Lap Adyen Recurring Api

v1.0.0

Adyen Recurring API skill. Use when working with Adyen Recurring for createPermit, disable, disablePermit. Covers 6 endpoints.

0· 16·0 current·0 all-time
by@mickmicksh
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoCan make purchasesRequires OAuth token
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name, description, and declared env var (ADYEN_RECURRING_API_KEY) match an Adyen Recurring API helper for createPermit/disable/etc. The endpoints and base URL are consistent with the stated purpose.
Instruction Scope
SKILL.md is instruction-only and stays focused on mapping user requests to the six endpoints. It references a local spec file (references/api-spec.lap) and suggests using npx @lap-platform/lapsh to retrieve it — this is an external action the agent could run and may fetch code/data from the network. Also the Auth section is ambiguous (mentions both 'ApiKey X-API-Key' and 'Bearer'), so the exact header/token usage should be clarified before sending real credentials.
Install Mechanism
No install spec and no code files — lowest-risk delivery. However, runtime guidance includes an npx command which, if executed, will download and run a package from the npm ecosystem; review that package before executing.
Credentials
Only one required env var (ADYEN_RECURRING_API_KEY) is requested, which is proportionate. There is an inconsistency between the declared env var and the Auth wording (X-API-Key vs Bearer). Confirm which credential format and scope (test vs production key) is expected.
Persistence & Privilege
Skill is not marked 'always' and is user-invocable; it does not request system-wide config paths or cross-skill settings. No elevated persistence or privileges are requested.
Assessment
This skill appears to do what it says: call Adyen Recurring endpoints. Before installing or using it, confirm the exact authentication method (X-API-Key header vs Bearer token) and whether the ADYEN_RECURRING_API_KEY you provide is for the test endpoint shown in the spec. Be cautious if you run the suggested npx command — that will fetch code from npm; inspect the package (or run in an isolated environment) before executing. Limit the API key's permissions and avoid using production keys until you verify the endpoint and auth method.

Like a lobster shell, security has layers — review code before you run it.

latestvk972jw15j6xd49snnt9hs1t4px84b4w0

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

EnvADYEN_RECURRING_API_KEY

Comments