Skill v1.0.2

ClawScan security

Stripe Analytics · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 15, 2026, 1:03 AM
Verdict
Benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code, declared env, and runtime instructions are coherent with a read-only Stripe analytics purpose and do not request unrelated credentials or external endpoints.
Guidance
This skill appears internally consistent for read-only Stripe analytics. Before installing:
1) Provide only a Stripe restricted read-only key (scopes: read:customers, read:subscriptions, read:invoices, read:payment_intents). Do NOT supply a full secret key with write/refund permissions.
2) Confirm you trust the skill owner/source (source is unknown in registry).
3) Note the minor version mismatch (registry 1.0.2 vs package.json 1.0.3) — consider reviewing the included skill/skill.js yourself or running it in a sandboxed environment first.
4) Rotate the restricted key if you later remove the skill.
If you need higher assurance, request the full, untruncated skill.js and verify there are no outbound calls beyond api.stripe.com or any hidden persistence.

Review Dimensions

Purpose & Capability
ok
Name/description (Stripe analytics) align with the requested STRIPE_READ_KEY and node runtime. package.json, SKILL.md, and skill.js all reference Stripe API endpoints and analytics functions consistent with the stated purpose. A minor version string mismatch between the registry (1.0.2) and package.json/SKILL.md (1.0.3) and an unknown upstream source are noted but do not change functional coherence.
Instruction Scope
ok
SKILL.md explicitly limits actions to read-only Stripe scopes, and the code only fetches from api.stripe.com endpoints and computes metrics. The instructions do not ask the agent to read unrelated files or system credentials, or to post data to third-party endpoints. SKILL.md mentions no persistence, and the code does not write files or log secrets.
Install Mechanism
ok
No install spec is provided (instruction-only plus shipped JS), so nothing is downloaded from arbitrary URLs. package.json indicates node as the required runtime. No high-risk install steps (no external archive downloads or unknown package registries).
Credentials
ok
Only STRIPE_READ_KEY is required (primaryEnv). The key is used only to call the Stripe API (Authorization header). No unrelated environment variables, secret-scanning triggers, or config paths are requested. SKILL.md recommends restricted read-only scopes, which is appropriate and proportional.
Persistence & Privilege
ok
The always flag is false, and the skill does not request persistent system privileges or modify other skills. According to SKILL.md and the code, the skill does not store credentials or persist data on disk. Autonomous invocation is allowed (platform default) but is not combined with other red flags.