ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Mayar Payment Integration

v1.0.0

Integrate Mayar.id payments to create invoices, generate payment links, track Indonesian payment methods, manage subscriptions, and automate payment workflows.

0· 1.9k·1 current·1 all-time
by@ahsanatha
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The files and SKILL.md describe a Mayar payment integration (create invoices, links, track transactions) which is coherent with the skill name. However, the skill metadata declares no required credentials or config, while the instructions require a Mayar API token and edits to mcporter config. The missing declaration of required secrets in metadata is an inconsistency.
!
Instruction Scope
The SKILL.md explicitly instructs the user/agent to create ~/.config/mayar/credentials, set a MAYAR_API_TOKEN, and to add an mcporter entry that includes the Authorization header containing the API token. It also instructs running mcporter commands (mcporter call ...) and editing config/mcporter.json. These file writes and token-placement instructions go beyond read-only docs and have direct effects on user config and secrets; while needed for the stated purpose, they expose the token in config/command arguments and alter local configuration.
Install Mechanism
There is no install spec in the registry (instruction-only skill). The MCP config example uses 'npx mcp-remote' (npx will fetch/execute an npm package at runtime). That means code will be downloaded/ executed via npm when mcporter is used — a legitimate pattern for remote connectors but it carries the runtime risk of installing third-party code. The skill itself doesn't provide an audited install artifact or pinned release.
!
Credentials
The integration clearly requires a Mayar API token, but the skill lists no required env vars/primary credential. The instructions put the token into ~/.config/mayar/credentials and inline the token in mcporter's args/header. Inlining a secret into command args can expose it via process listings and in shared config files; the skill should have declared the credential and advised safer handling (e.g., environment variables, process-isolated secrets, or mcporter-native secret storage).
Persistence & Privilege
always:false and model invocation is allowed (normal). The runtime steps instruct modifying user configuration files (creating ~/.config/mayar/credentials and editing config/mcporter.json) which creates persistent local state. This is plausible for a connector, but users should be aware these are persistent changes to their environment.
What to consider before installing
What to consider before installing: - Metadata mismatch: the skill does not declare that it needs an API token yet the instructions require you to store a Mayar API token and modify mcporter config; insist the publisher update metadata to list required credentials. - Secret exposure risk: the guide shows placing the token in a credentials file and in command args (--header Authorization:YOUR_API_TOKEN_HERE). Passing secrets in command arguments can expose them via process lists and logs. Prefer using environment variables, a secrets store, or mcporter's supported secret mechanism if available. - Runtime downloads: the mcporter config relies on npx mcp-remote which will fetch and run code from npm at runtime. Review and verify the mcp-remote package/maintainer before allowing it to run in production. - Test in isolation: try this first with sandbox API keys and in a controlled/test environment. Verify webhook URLs and token handling before moving to production. - Review config changes: the instructions modify config/mcporter.json — back up existing configs and confirm you are comfortable with persistent changes. - Verify endpoints: confirm domains (mcp.mayar.id, api.mayar.id / api.mayar.club) are legitimate official endpoints for your organization. If you need this integration, it's probably usable, but ask the publisher to fix metadata (declare required credential), and revise instructions to avoid inlining secrets into command args and to document safe secret handling. If you cannot verify package sources or are uncomfortable with config changes, do not enable it in a production environment.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bqm050wy4cffw3fhnw6rgs1809qcq

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments