Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Creem Agent

Autonomous full-time SaaS operations manager for Creem.io stores. Monitors heartbeat, handles failed payments, churn, revenue digests, and answers natural la...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 14 · 0 current installs · 0 all-time installs
by Victor Ayomipo @vayospot
Security Scan
VirusTotal
Suspicious
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description, required binaries (creem, curl, python3) and the CREEM_API_KEY env var match a Creem operations agent. However the included template/openclaw.json references DISCORD_BOT_TOKEN and LOCAL_WEBHOOK_SECRET (for posting to Discord and hooks) even though those env vars are not declared in the skill metadata — an inconsistency that could lead to unexpected external posting if the template is applied.
Instruction Scope
Runtime instructions require running the creem CLI and the bundled heartbeat.py (which reads/writes ~/.creem/heartbeat-state.json) — expected. But the skill contains explicit operational directives to automatically create winback discounts and draft emails without asking the user ('Do not ask for permission first. Produce the solution'), and the SKILL.md/HEARTBEAT.md tell the agent to post alerts to Discord. Automatically issuing POST requests that change store state (creating discounts) is an active operation with financial side effects and should require explicit user consent or tighter guardrails. The documents also direct the agent to curl external docs at creem.io (expected), and the heartbeat uses subprocess.run(shell=True) for CLI calls (works but is less safe than argv-style calls).
Install Mechanism
No network-installer or third‑party downloads. install.sh is local, makes the heartbeat executable and creates ~/.creem state directory. The install script does not fetch remote code or write to system-wide locations. Low installation risk.
Credentials
Only CREEM_API_KEY is declared as required and that is appropriate for a Creem-admin skill. But templates reference other secrets (DISCORD_BOT_TOKEN, LOCAL_WEBHOOK_SECRET) that are not declared in the metadata — this is an inconsistency. The SKILL.md and SOUL.md instruct use of CREEM_API_KEY in API calls (e.g., curl to create discounts), so ensure the key has the minimal permissions necessary; storing the key in ~/.openclaw/.env (suggested by install.sh) could expose it to other local services if that file is widely read.
Persistence & Privilege
always:false (good). However the provided openclaw.json template enables periodic heartbeats (every 30m) and enables the skill by default in the template. Combined with instructions that the agent should autonomously create discounts and post to Discord, that gives it the ability to make repeated automatic changes to the store and external channels. Autonomous invocation + auto-change behavior raises risk and should be reviewed/consented to by the operator.
What to consider before installing
What to check before installing:

  • Review the included files yourself (you already have install.sh and scripts/heartbeat.py). The bundle does not download remote code, which reduces risk.
  • Be cautious about the CREEM_API_KEY: run the skill with a test API key or a key scoped to non-production access if possible. Limit permissions to the minimum required (read-only where possible; avoid keys that can create discounts or alter billing unless you explicitly want that).
  • The skill's docs and SOUL.md instruct it to automatically create winback discounts and draft emails without asking. If you do not want automated changes to your store (discount creation, billing updates), remove/modify those rules in SOUL.md and SKILL.md or intercept/require confirmation before such actions.
  • The template suggests automatic posting to Discord and use of webhooks (DISCORD_BOT_TOKEN, LOCAL_WEBHOOK_SECRET) but these env vars are not declared; ensure you do not accidentally provide these secrets to an environment where the skill will post publicly.
  • The heartbeat writes state to ~/.creem/heartbeat-state.json; inspect that file and its contents and consider its permissions. Rotate the API key if you suspect exposure.
  • Consider running the heartbeat script manually once (python3 scripts/heartbeat.py) with controlled credentials to observe behavior before enabling scheduled/autonomous runs.
  • If you accept the skill, explicitly review and tighten the OpenClaw gateway configuration (heartbeat frequency, allowed channels, whether the skill is enabled) so the agent cannot make frequent autonomous store-altering requests without oversight.
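The scan notes that heartbeat.py calls subprocess.run(shell=True) and that the permissions on ~/.creem/heartbeat-state.json deserve a look. The following is an added example, not code from the Creem Agent skill or its heartbeat script: it shows the argv-style CLI call the scan prefers (the customer id is validated and passed as one argument, so a shell never interprets it), keeps the shell-string form only for contrast, and reports the state file's mode. The allowed customer-id pattern and the stub runner are assumptions made for the example.

```python
"""Argv-style creem CLI invocation and a heartbeat state-file permission check.
Added example; not code from the Creem Agent skill or its heartbeat.py."""
import os
import re
import stat
import subprocess
from typing import Callable, List

# The skill passes a customer id straight into "creem customers billing <customerId>".
# Constrain the id before it reaches any command line.  The pattern below is an
# assumption; tighten it to match the ids your store actually produces.
CUSTOMER_ID_RE = re.compile(r"[A-Za-z0-9_-]{1,64}")


def is_safe_customer_id(customer_id: str) -> bool:
    """True only for ids made of letters, digits, '_' and '-'."""
    return CUSTOMER_ID_RE.fullmatch(customer_id) is not None


def build_creem_argv(*args: str) -> List[str]:
    """One list element per argument: no shell sees these values, so characters
    such as ';' or '$' inside a value stay literal."""
    for arg in args:
        if not arg or "\x00" in arg:
            raise ValueError(f"invalid CLI argument: {arg!r}")
    return ["creem", *args]


def billing_portal_argv(customer_id: str) -> List[str]:
    """Argv for the portal-link command from SKILL.md, after validating the id."""
    if not is_safe_customer_id(customer_id):
        raise ValueError("unexpected customer id; not passing it to the CLI")
    return build_creem_argv("customers", "billing", customer_id)


def legacy_shell_command(customer_id: str) -> str:
    """The shape the scan warns about: a concatenated string meant for
    shell=True.  Shown for contrast only; nothing here executes it."""
    return "creem customers billing " + customer_id


def run_creem(argv: List[str], runner: Callable = subprocess.run) -> str:
    """Run the CLI without a shell.  'runner' is injectable so the call can be
    exercised offline with a stub instead of a real creem binary."""
    result = runner(argv, shell=False, capture_output=True, text=True,
                    check=False, timeout=60)
    if result.returncode != 0:
        raise RuntimeError(f"{argv[0]} failed ({result.returncode}): "
                           f"{result.stderr.strip()}")
    return result.stdout.strip()


def stub_runner(stdout: str, returncode: int = 0) -> Callable:
    """Offline stand-in for subprocess.run (constructed for this example);
    it refuses shell=True so a regression is caught immediately."""
    def _run(argv, **kwargs):
        if kwargs.get("shell"):
            raise AssertionError("shell=True is not allowed here")
        return subprocess.CompletedProcess(argv, returncode, stdout=stdout, stderr="")
    return _run


def state_file_is_private(mode: int) -> bool:
    """True when no group or other permission bit is set (e.g. 0o600)."""
    return (mode & (stat.S_IRWXG | stat.S_IRWXO)) == 0


def check_state_file(path: str = "~/.creem/heartbeat-state.json") -> dict:
    """Report whether the heartbeat state file exists and is owner-only."""
    expanded = os.path.expanduser(path)
    if not os.path.exists(expanded):
        return {"path": expanded, "exists": False}
    mode = stat.S_IMODE(os.stat(expanded).st_mode)
    return {"path": expanded, "exists": True, "mode": oct(mode),
            "private": state_file_is_private(mode)}


if __name__ == "__main__":
    print(billing_portal_argv("cust_123"))
    print(run_creem(billing_portal_argv("cust_123"),
                    runner=stub_runner("https://billing.example/portal")))
    print(check_state_file())
```

Running the module prints the argv list, the stubbed portal URL, and the state-file report; drop the stub (`run_creem(billing_portal_argv(cid))`) to call the real CLI. If `check_state_file()` reports `"private": False`, `chmod 600 ~/.creem/heartbeat-state.json` closes the file to other local users.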

Like a lobster shell, security has layers — review code before you run it.

Current version v1.0.0
latest vk97681xnren087fm93b6c1asz983zx8t

License

MIT-0
Free to use, modify, and redistribute. No attribution required.

Runtime requirements

🍦 Clawdis
Bins: creem, curl, python3
Env: CREEM_API_KEY

SKILL.md

Creem Agent — Alfred, Your Full-Time Store Operations Worker

You are Alfred, a meticulous SaaS operations manager living inside OpenClaw.
Your sole job is to manage the Creem store for your founder (a solo SaaS builder who uses Creem as their Merchant of Record / payment gateway).

STRICT RULES — NEVER BREAK THESE:

  • AUTHENTICATION: Before running your first creem command, ALWAYS ensure you are authenticated by running: creem login --api-key $CREEM_API_KEY
  • Use ONLY the creem CLI via the Exec tool for Creem actions
  • For any question about MRR, revenue, subscribers, transactions, store health → run the metrics commands + summarize cleanly.
  • For heartbeat / daily digest / change detection → ALWAYS run exactly: python3 {baseDir}/scripts/heartbeat.py
  • For failed payment (past_due) → immediately run creem customers billing <customerId> and post the portal link.
  • For churn (canceled or scheduled_cancel) → immediately create a winback discount and post the code + draft email.
  • Always convert amounts from cents to dollars (divide by 100) and format as $X.XX.
  • If nothing needs attention → reply HEARTBEAT_OK (stay silent).

FALLBACK (use only if CLI commands fail): If the creem CLI ever returns an error or you need more details, you may curl the official docs:

  • curl -s https://creem.io/SKILL.md
  • curl -s https://creem.io/HEARTBEAT.md
  • curl -s https://docs.creem.io/llms-full.txt

Core CLI & Curl Commands

  • Store metrics / MRR / subscribers:
    creem subscriptions list --status active --json
    creem transactions list --limit 20 --json

  • Heartbeat / change detection:
    python3 {baseDir}/scripts/heartbeat.py

  • Generate customer portal link:
    creem customers billing <customerId>

  • Create winback discount (the CLI lacks this, you MUST use curl):
    curl -X POST https://api.creem.io/v1/discounts \
      -H "x-api-key: $CREEM_API_KEY" \
      -H "Content-Type: application/json" \
      -d '{"name": "Winback: <email>", "code": "WINBACK_XXXXXX", "type": "percentage", "percentage": 20, "duration": "repeating", "duration_in_months": 3, "applies_to_products": ["<productId>"]}'
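
The winback curl above creates a discount as soon as the agent decides to, which is the store-altering step the scan wants gated behind operator consent. The following is an added example, not the skill's own code: it builds the same request body (endpoint, header and JSON fields taken from the curl above), replaces the WINBACK_XXXXXX placeholder with an unguessable suffix, and sends the POST only when `confirmed=True`. The `sender` hook, the recording stub and the validation rules are this example's assumptions.

```python
"""Consent-gated winback discount creation.  Added example; not the Creem
Agent skill's own code.  Request shape (endpoint, x-api-key header, JSON
fields) follows the curl command in SKILL.md; the confirmation gate, code
generator and sender hook are additions made for this example."""
import json
import os
import secrets
import string
from typing import Callable, Optional

CREEM_DISCOUNTS_URL = "https://api.creem.io/v1/discounts"
_CODE_ALPHABET = string.ascii_uppercase + string.digits

# A sender takes (url, headers, json_payload) and returns the parsed response.
Sender = Callable[[str, dict, str], dict]


def winback_code(length: int = 6) -> str:
    """Fill the WINBACK_XXXXXX placeholder with a random, non-sequential suffix
    so codes cannot be guessed from one another."""
    return "WINBACK_" + "".join(secrets.choice(_CODE_ALPHABET) for _ in range(length))


def build_winback_discount(email: str, product_id: str, *, percentage: int = 20,
                           months: int = 3, code: Optional[str] = None) -> dict:
    """Body matching the fields in the SKILL.md curl (20% repeating for 3 months
    by default).  Bounds are an assumption chosen to catch bad agent output."""
    if not 1 <= percentage <= 100:
        raise ValueError("percentage must be between 1 and 100")
    if months < 1:
        raise ValueError("duration_in_months must be at least 1")
    if "@" not in email or not product_id:
        raise ValueError("email and product id are required")
    return {
        "name": f"Winback: {email}",
        "code": code or winback_code(),
        "type": "percentage",
        "percentage": percentage,
        "duration": "repeating",
        "duration_in_months": months,
        "applies_to_products": [product_id],
    }


def create_winback_discount(body: dict, *, confirmed: bool, sender: Sender,
                            api_key: Optional[str] = None) -> Optional[dict]:
    """POST the discount only after explicit operator confirmation.  Without
    it nothing is sent and None is returned, so a heartbeat run can surface
    the proposed discount for review instead of silently changing the store."""
    if not confirmed:
        return None
    key = api_key or os.environ.get("CREEM_API_KEY")
    if not key:
        raise RuntimeError("CREEM_API_KEY is not set")
    headers = {"x-api-key": key, "Content-Type": "application/json"}
    return sender(CREEM_DISCOUNTS_URL, headers, json.dumps(body))


def http_sender(url: str, headers: dict, payload: str) -> dict:
    """Real sender using only the standard library (assumes a JSON response)."""
    import urllib.request
    req = urllib.request.Request(url, data=payload.encode("utf-8"),
                                 headers=headers, method="POST")
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.loads(resp.read().decode("utf-8"))


def recording_sender() -> Sender:
    """Offline stub (constructed for this example): records the request it was
    given instead of sending it, so the gate can be exercised without a store."""
    def _send(url: str, headers: dict, payload: str) -> dict:
        return {"status": "recorded",
                "request": {"url": url, "headers": headers, "body": json.loads(payload)}}
    return _send


if __name__ == "__main__":
    proposal = build_winback_discount("customer@example.com", "prod_example")
    print("proposed:", json.dumps(proposal))
    # Not confirmed: nothing leaves the machine.
    print("unconfirmed:", create_winback_discount(proposal, confirmed=False,
                                                  sender=recording_sender(), api_key="test-key"))
    # Confirmed: the stub shows exactly what would be sent.
    print("confirmed:", create_winback_discount(proposal, confirmed=True,
                                                sender=recording_sender(), api_key="test-key"))
```

In a real deployment the `confirmed` flag would come from the operator (a reply in the alert channel, a CLI prompt, or an allow-list of automatically approved cases), and `http_sender` replaces the recording stub; the agent's rule "Do not ask for permission first" is what this gate deliberately overrides.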

You are now correctly configured as the full-time Creem store worker.

Files

8 total
