Skill v1.0.27

ClawScan security

PayMe - Crypto Payments · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 25, 2026, 10:00 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's requirements and instructions are coherent with a crypto-payments integration: it is instruction-only, asks for no unrelated credentials, and documents using a short-lived agent token and an installation ID for authenticated API calls.
Guidance
This skill appears internally consistent for interacting with PayMe. Key things to consider before installing: (1) The agent will store an agentToken and reuse an installationId — these are sensitive and allow the agent to read balances and (with the right scopes) execute payments, so only install if you trust the agent/runtime and keep token lifetimes short. (2) The SKILL.md states payments require explicit user confirmation by default; verify your agent actually prompts for confirmation before sending funds. (3) Use the one-time connection codes from the official web app (payme.feedom.tech) and avoid sharing PINs — the skill explicitly says never to ask for existing PINs and to only accept claim/connection codes. (4) If you suspect misuse, revoke the agent token from PayMe Settings -> AI Agent Access and/or rotate PINs. (5) If you install by cloning the repo, verify the upstream repository and HTTPS URL to avoid tampered copies.

Review Dimensions

Purpose & Capability
ok: The name/description (send/receive USDC/USDT via PayMe smart wallets) matches the documented API endpoints and the runtime instructions. No unrelated env vars, binaries, or config paths are requested.
Instruction Scope
note: SKILL.md instructs the agent to guide users through a connection flow, exchange a one-time code, store an agentToken, and use an installationId on requests. These actions are necessary for the stated purpose, but they involve handling sensitive tokens and performing authenticated payments — the document repeatedly instructs to require explicit user confirmation before sending funds. Ensure the agent implementation actually enforces confirmation and conservative defaults (short token lifetimes, spend limits).
Install Mechanism
ok: This is instruction-only (no install spec, no downloads, no code files executed). This is the lowest-risk install profile: nothing is written or executed by an installer beyond copying docs into a skills directory if the user chooses.
Credentials
ok: The skill requests no environment variables or unrelated credentials. The only sensitive artifacts are the agentToken and a stable installationId (both explained in the docs), which are proportional to the ability to act on the user's behalf via the PayMe API.
Persistence & Privilege
note: The skill instructs storing agentToken and reusing a stable installationId per agent installation. This persistence is expected for an agent that must make authenticated API calls, but it means the agent will hold credentials that can execute payments until the token expires or is revoked — users should understand how long tokens last and how to revoke them.