ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Locus

v1.3.0

Locus payment tools for AI agents. Use when asked to send payments, check wallet balances, list tokens, approve token spending, or process payment-related actions from emails. Also use for demos of Locus (YC F25) payment infrastructure — scanning emails for payment requests and initiating crypto payments via wallet.

1· 2.2k·0 current·0 all-time
by@cdermott7
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description, mcporter configuration, and listed tools (list_tokens, send_token, approve_token) are coherent. The service endpoints referenced (app.paywithlocus.com, mcp.paywithlocus.com) match the stated purpose of connecting to Locus via MCP.
!
Instruction Scope
SKILL.md explicitly instructs the agent to 'scan inbox for payment-related emails' and extract actionable items. That operation is sensitive (reading user email) but the skill provides no mechanism, permissions model, or explicit user consent flow for mailbox access. It also gives broad discretion to identify actionable items — this is scope creep unless the agent already has a well-defined, consented email-access tool.
Install Mechanism
No install spec in the registry, but the included setup.sh will install mcporter via 'npm i -g mcporter' if missing. npm global installs are common but carry the usual risk of executing third-party code; this is proportional to the stated need for mcporter, but users should verify mcporter's provenance before installing globally.
Credentials
The skill does not declare required env vars and asks the user interactively for a Locus API key (prefix locus_). Asking for an API key is expected, but the registry metadata omits any 'primary credential' declaration. The instructions also tell the user to paste the API key into the interactive flow (or chat) — users should avoid pasting secrets into channels that are not secure.
Persistence & Privilege
always is false and the skill does not request system-wide privileges or modify other skills. The setup stores config via mcporter, which is expected behavior and limited in scope.
What to consider before installing
This skill appears to be a legitimate wrapper around the Locus payment MCP, but it asks the agent to scan your inbox for payment requests — a sensitive action that the SKILL.md does not explain how to perform or obtain permission for. Before installing or running it: (1) Verify the mcporter tool's origin and trustworthiness before allowing the script to install it globally. (2) Do not paste API keys or other secrets into public chats; prefer entering them in a secure prompt or setting them in a location you control. (3) Confirm how your agent will access email (what mailbox, what auth) and that you explicitly consent to giving mailbox access. (4) If you want tighter control, configure mcporter manually and avoid using the script; review where mcporter stores credentials. If you can, ask the skill author for explicit documentation of email access and storage practices before use.

Like a lobster shell, security has layers — review code before you run it.

latestvk9744hydy7717x0vr131tx3tzn802zge
2.2kdownloads
1stars
7versions
Updated 2h ago
v1.3.0
MIT-0
@cdermott7
latest
Download

Locus Payment Skill

Locus connects AI agents to crypto wallets via MCP. Tools are dynamic — each user gets different tools based on their permission group.

Setup (Agent-Guided)

When the user asks to set up Locus, use payments, or anything payment-related — check if Locus is configured and walk them through setup interactively:

Step 1: Check if mcporter is installed

command -v mcporter || npm i -g mcporter

Step 2: Check if Locus is already configured

mcporter config get locus 2>/dev/null

If configured, skip to Usage. If the user wants to reconfigure, run:

mcporter config remove locus

Step 3: Ask the user for their API key

Tell them:

You'll need a Locus API key to connect your wallet. Get one at https://app.paywithlocus.com — each key is tied to your wallet and permission group. Paste it here when you're ready.

Wait for the user to provide their key. It should start with locus_. If it doesn't, warn them and confirm before proceeding.

Step 4: Configure mcporter

mcporter config add locus \
  --url "https://mcp.paywithlocus.com/mcp" \
  --header "Authorization=Bearer <API_KEY>" \
  --scope home

Step 5: Verify the connection

mcporter list locus

If tools appear, setup is complete — tell the user they're ready. If it fails, ask them to double-check their API key and try again.

Alternative: Script-based setup

Users can also run the setup script directly from the Clawdbot workspace root:

bash skills/locus/scripts/setup.sh

Usage

Always discover available tools first:

mcporter list locus --schema

This returns all tools the user's permission group allows. Tools vary per user — do not assume which tools exist. Use the schema output to understand parameters.

Call any discovered tool:

mcporter call locus.<tool_name> param1=value1 param2=value2

For array/object parameters:

mcporter call locus.<tool_name> --args '{"key": "value"}'

Email → Payment Flow

  1. Scan inbox for payment-related emails (invoices, bills, splits, reimbursements)
  2. Identify actionable items with amounts, recipients, and context
  3. Summarize findings to user
  4. On user approval, execute payments via available tools
  5. Always confirm with user before sending any payment

Safety Rules

  • Never send payments without explicit user confirmation
  • Always show: recipient, token, amount, and memo before executing
  • Check available balance before attempting payments
  • Double-check recipient addresses — typos mean lost funds
  • Confirm large payments (>$100) with extra care

Comments

Loading comments...