Solana Payments

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only guide to Solana USDC subscription checkout. It carries real-payment caveats, but contains no hidden execution, no exfiltration, and no authority beyond the checkout flow it documents.

Install only the intended Tributary package from a trusted npm source, pin or lock the dependency version, and review every generated checkout URL before use. Confirm the recipient public key, the fixed gateway, the amount, the billing frequency, the success and cancel URLs, and whether auto-renew is enabled. Do not put personal or sensitive customer data in tracking IDs or memos: payment metadata may be visible to third parties and may persist on-chain.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Severity: Medium
Confidence: 90%
Finding
The skill promotes `autoRenew: true` for subscription payments without an explicit, prominent warning that this authorizes recurring charges affecting user funds. In a payment-related skill, omission of clear user-consent language can lead agents to create recurring payment flows without adequately informing users of the ongoing financial commitment.

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding
The skill instructs agents to redirect users directly to a live checkout URL (`window.location.href = session.url`) without an explicit warning that this begins a real subscription checkout flow tied to actual funds. In the context of a payments skill, this is risky because an agent may move a user into a live payment journey without sufficient disclosure, confirmation, or environment checks.
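The following JavaScript is an added example, not code from the Tributary package or from the skill itself. It implements the pre-redirect review the overview asks for (recipient key, fixed gateway, amount, billing frequency, success and cancel URLs, auto-renew, metadata hygiene) and addresses both findings: the redirect is refused unless the caller has recorded explicit consent to recurring charges, and a mainnet session created outside production is rejected as an accidental real-funds flow. The field names on `session` (`url`, `recipient`, `amountUsdc`, `frequency`, `successUrl`, `cancelUrl`, `autoRenew`, `trackingId`, `memo`, `cluster`), the gateway host, the recipient key and the shop URLs are all assumptions made for illustration.

```javascript
// Added example, not part of the Tributary package or the skill: review a
// checkout session against merchant intent before redirecting. The `session`
// field names (url, recipient, amountUsdc, frequency, successUrl, cancelUrl,
// autoRenew, trackingId, memo, cluster) are assumed for illustration.

const BASE58_PUBKEY = /^[1-9A-HJ-NP-Za-km-z]{32,44}$/;

// Rough detectors for data that must not ride in tracking IDs or memos.
const SENSITIVE_PATTERNS = [
  /[^\s@]+@[^\s@]+\.[^\s@]+/, // e-mail address
  /\b\d{13,19}\b/,            // card-number-sized digit run
  /\+?\d[\d\s().-]{8,}\d/,    // phone-number-like
];

function hasSensitiveData(value) {
  return typeof value === "string" && SENSITIVE_PATTERNS.some((re) => re.test(value));
}

// USDC has 6 decimals; compare amounts as integer micro-USDC, never as floats.
function toMicroUsdc(amount) {
  const m = /^(\d+)(?:\.(\d{1,6}))?$/.exec(String(amount));
  return m ? BigInt(m[1]) * 1000000n + BigInt((m[2] || "").padEnd(6, "0")) : null;
}

function sameUrl(a, b) {
  try { return new URL(a).href === new URL(b).href; } catch { return false; }
}

// Returns { ok, problems } so the caller can show problems instead of redirecting.
function reviewCheckoutSession(session, expected, opts = {}) {
  const problems = [];
  let url = null;
  try { url = new URL(session.url); } catch { problems.push("checkout URL does not parse"); }
  if (url && url.protocol !== "https:") problems.push("checkout URL is not https");
  if (url && url.host !== expected.gatewayHost) problems.push(`gateway host ${url.host} is not ${expected.gatewayHost}`);

  if (!BASE58_PUBKEY.test(session.recipient || "")) problems.push("recipient is not a base58 public key");
  else if (session.recipient !== expected.recipient) problems.push("recipient differs from the merchant key");

  const amount = toMicroUsdc(session.amountUsdc);
  if (amount === null || amount !== toMicroUsdc(expected.amountUsdc)) problems.push(`amount ${session.amountUsdc} is not ${expected.amountUsdc} USDC`);
  if (session.frequency !== expected.frequency) problems.push(`billing frequency ${session.frequency} is not ${expected.frequency}`);
  if (!sameUrl(session.successUrl, expected.successUrl)) problems.push("success URL differs");
  if (!sameUrl(session.cancelUrl, expected.cancelUrl)) problems.push("cancel URL differs");

  // Finding 1: recurring charges need explicit consent recorded by the caller.
  if (session.autoRenew && !opts.userConsentedToAutoRenew) problems.push("autoRenew is on without explicit user consent to recurring charges");

  if (hasSensitiveData(session.trackingId)) problems.push("tracking ID looks like personal data");
  if (hasSensitiveData(session.memo)) problems.push("memo looks like personal data");

  // Finding 2: a live (mainnet) session outside production is a real-funds flow by accident.
  if (opts.environment !== "production" && session.cluster === "mainnet-beta") problems.push("mainnet-beta session created outside production");

  return { ok: problems.length === 0, problems };
}

// Only navigate when the review passes. `navigate` is injected so this runs
// outside a browser; in a page it would be (u) => { window.location.href = u; }.
function redirectToCheckout(session, expected, opts, navigate) {
  const review = reviewCheckoutSession(session, expected, opts);
  if (review.ok) navigate(session.url);
  return review;
}

// Constructed sample values: placeholder hosts, a made-up base58 key, no real merchant.
const EXPECTED = {
  gatewayHost: "pay.example.com",
  recipient: "Merchant" + "1".repeat(34),
  amountUsdc: "9.99",
  frequency: "monthly",
  successUrl: "https://shop.example.com/success",
  cancelUrl: "https://shop.example.com/cancel",
};

const GOOD_SESSION = {
  url: "https://pay.example.com/checkout/abc123",
  recipient: EXPECTED.recipient,
  amountUsdc: "9.990",
  frequency: "monthly",
  successUrl: EXPECTED.successUrl,
  cancelUrl: EXPECTED.cancelUrl,
  autoRenew: true,
  trackingId: "order-8842",
  memo: "",
  cluster: "mainnet-beta",
};

// Look-alike gateway host, swapped recipient, and an e-mail address in the memo.
const TAMPERED_SESSION = {
  ...GOOD_SESSION,
  url: "https://pay.example.com.evil.test/checkout/abc123",
  recipient: "Attacker" + "1".repeat(34),
  memo: "alice@example.com",
};

const visited = [];
redirectToCheckout(TAMPERED_SESSION, EXPECTED, { userConsentedToAutoRenew: true, environment: "production" }, (u) => visited.push(u));
console.log(visited.length === 0 ? "blocked tampered session" : "BUG: redirected");
```

The review is deliberately default-deny: an unset `environment` counts as non-production, and an `autoRenew` session without a recorded consent flag fails even when every other field matches, so an agent cannot land a user on a live recurring-charge page by simply omitting the disclosure step.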

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal