Valiron
ReviewAudited by ClawScan on May 10, 2026.
Overview
Valiron appears to be a legitimate payment trust gate, but its included authorization template may approve real payments before enforcing all documented spend limits and approval checks.
Review this skill carefully before using it with real payments. Its purpose is legitimate, but do not copy the interceptor template directly into production until you add enforcement for hourly and daily limits, human approval thresholds, logging safeguards, dependency pinning, and fail-closed tests.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If copied into a real payment flow as-is, repeated or cumulative payments could be approved without the hourly, daily, or human-approval protections users may expect.
The interceptor template can return an allow decision after checking only the rail and maxAmountPerPayment. The provided source does not enforce the documented maxAmountPerHour, maxAmountPerDay, or requireHumanApprovalOver controls before authorizing the payment path.
if (req.amount > row.maxAmountPerPayment) { ... } return { allow: row.authorization === 'allow' || row.authorization === 'allow_with_limits', ... }Treat the interceptor as illustrative only. Before production use, enforce all spend-control fields, require human approval above configured thresholds, add tests for fail-closed behavior, and keep payment initiation separate from the trust decision until policy checks pass.
A Valiron credential could grant access to the trust service used to make payment-routing decisions.
The skill may use a Valiron API credential for authenticated trust lookups. This is purpose-aligned and disclosed, and the artifacts instruct using a secret manager or environment variables rather than hardcoding.
`VALIRON_API_KEY` (optional today; reserved for authenticated deployments)
Store the key in a secret manager or environment variable, scope it to the minimum required access, rotate it regularly, and verify logs never include the key or raw authorization headers.
An unexpected or changed SDK version could affect trust decisions in the payment gate.
The skill depends on an external SDK but does not provide an install spec or pinned version. The dependency is central to the purpose, but users should verify provenance and versioning.
Installed dependencies: - `@valiron/sdk`
Pin @valiron/sdk to a reviewed version, use a lockfile in the host project, and monitor dependency updates before deploying the interceptor.
Audit logs may reveal payment amounts, counterparties, and routing decisions if stored or shared insecurely.
The recommended audit trail stores payment and counterparty metadata. This is expected for auditability, and the same file instructs redaction, but the logs should still be treated as sensitive.
Log one event per authorization attempt. ... `paymentId` ... `counterparty.agentId` or wallet source ... `amount` + `currency`
Restrict log access, redact or hash sensitive identifiers where feasible, avoid free-form sensitive fields, and define retention for payment authorization logs.