AMEX | Give your Agent your CreditCard
Warn
Audited by ClawScan on May 18, 2026.
Overview
This is a disclosed payment-wallet skill, but it asks an agent to handle real spending authority, decrypted card data, and a remotely delivered decrypt script, so it needs careful review before use.
Install only if you trust CreditClaw and have verified the publisher. Keep the default ask-before-everything mode, use low-limit or virtual cards, avoid the main-agent card-decryption fallback, sandbox any decrypt-script execution, protect the CREDITCLAW_API_KEY, and monitor or freeze the wallet from the dashboard if anything looks wrong.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user may think this is associated with a known card issuer when the artifacts show a different provider.
The registry-facing name invokes AMEX, but the homepage and included files describe a CreditClaw service rather than an AMEX/American Express service. For a payment-card skill, that branding mismatch could mislead users about affiliation or trust.
Name: AMEX | Give your Agent your CreditCard ... Source: unknown ... Homepage: https://creditclaw.com
Verify the publisher and any claimed card-network or issuer affiliation before providing payment credentials or funds.
Anyone or any agent that obtains the key may be able to spend or act through the wallet within the provider's guardrails.
The required CREDITCLAW_API_KEY is expected for this payment service, but the artifact itself confirms that the key represents delegated spending authority.
Your API key is your identity. Leaking it means someone else can spend your owner's money.
Keep the key scoped to this service, store it securely, rotate it if exposed, and use low spending limits and approval-required defaults.
If the delivered script or delivery channel is compromised, local code could run in the checkout environment with access to sensitive card data.
The skill instructs an agent/sub-agent to execute a Node script delivered later inside a card file, not a script included in the reviewed package, while handling real payment-card material.
The sub-agent runs the deterministic decrypt script that was delivered with the card file: node decrypt.js <key_hex> <iv_hex> <tag_hex> Card-ChaseD-9547.md
Only use this in a sandboxed environment, inspect or pin the decrypt script before execution where possible, and avoid running the flow on systems with unrelated secrets.
Your card number, CVV, expiry, name, and billing address could become visible to the main agent context rather than isolated to an ephemeral checkout agent.
The artifact acknowledges a fallback path where full card details enter the main agent context, which may be logged, retained, or reused outside the intended single transaction depending on the host environment.
If your environment doesn't support spawning sub-agents, you can execute the checkout_steps directly as the main agent ... the main agent will see the decrypted card details in its context.
Do not use the main-agent fallback for real cards unless you understand the host's logging and memory retention; prefer disposable virtual cards, sub-agent isolation, and strict cleanup.
The agent may periodically check balances and spending permissions if you configure it to do so.
The periodic heartbeat is purpose-aligned wallet monitoring and no daemon install is shown, but it encourages recurring autonomous use of the payment API key.
CreditClaw Heartbeat (suggested: every 30 minutes) ... Run this routine periodically to stay aware of your wallet status
Allow periodic polling only if you want ongoing wallet monitoring, and keep rate limits and notification settings enabled.
