Buy Anything

Pass

Audited by ClawScan on May 10, 2026.

Overview

This skill is coherent for its stated purpose, but it can place real purchases and optionally save a reusable payment token, so users should install it only if they trust the Rye/BasisTheory checkout flow.

This skill does not show artifact-backed malicious behavior, but it is financially sensitive. Before installing, make sure you trust Rye and BasisTheory, set a spending limit, require explicit confirmation for each order, and avoid saving the payment token unless you want future purchases to be easier.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A user’s direct buy request can result in a real purchase and charge through Rye.

Why it was flagged

The skill instructs the agent to call an external checkout API that can place a real order. This is core to the skill’s purpose and includes a price constraint, but it is still high-impact tool use.

Skill content

curl -s -X POST https://api.rye.com/api/v1/partners/clawdbot/purchase ... "paymentMethod": { "type": "basis_theory_token" ... } ... "constraints": { "maxTotalPrice": 50000 }

Recommendation

Use clear purchase confirmations and set a maximum total price before ordering; do not approve orders unless you trust the store URL and Rye checkout.

What this means

Your address, contact information, product URL, and payment token are sent to the Rye checkout API to complete the order.

Why it was flagged

The skill handles personal shipping/contact details and a payment token. That access is expected for checkout, but the token functions as sensitive purchasing authority.

Skill content

After submitting, copy the token shown on the page and paste it back here... "buyer": { ... "email" ... "phone" ... "address1" ... }, "paymentMethod": { ... "basisTheoryToken" ... }

Recommendation

Only provide payment tokens and personal information if you trust the provider and are ready to make the purchase.

What this means

If you choose to save the token, future purchases can reuse it without re-entering card details.

Why it was flagged

The skill may persist a reusable payment token and address in agent memory. It says this is opt-in, but stored payment tokens remain sensitive because they can be reused for future orders.

Skill content

Save BT token/address to memory for future purchases (ask permission first)

Recommendation

Decline token saving unless you want one-click future checkout; ask the agent to forget saved payment and address data when no longer needed.

What this means

You have less registry-level provenance information for a skill that performs payments.

Why it was flagged

The registry metadata does not provide a verified source or homepage, while the skill depends on external payment and order endpoints. No install-time code is present, so this is a provenance notice rather than evidence of malicious behavior.

Skill content

Source: unknown; Homepage: none

Recommendation

Verify the Rye/BasisTheory domains and provider documentation before using the skill for real purchases.