Skill v1.0.0

ClawScan security

Shop from Nvidia - With your claw and creditcard · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 13, 2026, 2:07 PM
Verdict
Benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's claimed purpose (agent spending and wallet management) matches the instructions and required credential (CREDITCLAW_API_KEY); the only notable mismatch is the skill name referencing 'Nvidia' while the files describe the generic CreditClaw platform.
Guidance
This skill appears internally consistent for giving an agent controlled spending ability via CreditClaw. Before installing, consider:
1) Confirm the name/branding mismatch — the manifest and docs reference creditclaw.com; verify you intended to install CreditClaw and not an Nvidia-specific integration.
2) Treat CREDITCLAW_API_KEY as a sensitive secret: provide a dedicated, limited-scope API key for bots (rotate/revoke if needed) and never share it with other services.
3) The agent will be instructed to decrypt owner card details in memory for checkouts — ensure your agent runtime does not log or transmit memory contents and that decrypted card data cannot be persisted or exfiltrated.
4) Keep approval_mode conservative (e.g., ask_for_everything) until you trust automated behavior; prefer manual approvals for purchases.
5) Verify creditclaw.com (TLS certificate, reputation) and webhook callback URLs in your environment.
6) Monitor the bot's transaction logs and webhook notifications and be ready to freeze the wallet or revoke the API key if you see unexpected activity.
If you see additional required env vars, an install script that downloads code, or explicit instructions to send the API key to domains other than creditclaw.com, treat the skill as suspicious and do not proceed.

Review Dimensions

Purpose & Capability
note: The description and API docs consistently describe a payment/wallet platform (CreditClaw) for agent spending, encrypted-card checkout, and x402/USDC signing. The single required environment variable (CREDITCLAW_API_KEY) is appropriate for that purpose. Minor inconsistency: the skill name/title references 'Nvidia' specifically, but nothing in the files requires Nvidia-specific credentials or endpoints; the content is generic CreditClaw functionality. This could be a labeling/packaging issue rather than malicious intent.
Instruction Scope
ok: SKILL.md and companion documents instruct the agent to call only creditclaw.com API endpoints and to read the provided companion files. There are explicit, repeated warnings about keeping the API key private and not persisting decrypted card data. The only high-sensitivity runtime action the instructions require is performing AES-256-GCM decryption of owner-supplied card details in memory for a single checkout — this is coherent with the stated purpose (making purchases) but increases the risk surface if the agent or environment logs or leaks memory.
Install Mechanism
ok: Instruction-only skill with no install spec and no code files to execute locally. This minimizes risk from arbitrary third-party downloads or on-disk executables.
Credentials
ok: The skill requires a single credential (CREDITCLAW_API_KEY), declared as the primary credential and used for Authorization headers in all API calls — proportionate for a payment service integration. No unrelated secrets, system paths, or additional environment variables are requested.
Persistence & Privilege
ok: The skill does not request permanent presence (always is false) and does not include scripts that modify other skills or system-wide settings. Autonomous invocation is allowed (platform default) but not combined with other elevated privileges.