by 安全扫描
OpenClaw
可疑
medium confidence该技能的运行指令与 Mercury 支付工作流对齐,但其清单省略了必需的凭据,并指示代理访问电子邮件/密码存储并写入支付日志 — 这些不一致之处在安装前值得谨慎考虑。
评估建议
["安装前请注意:","1. 请求发布者更新清单,声明 MERCURY_API_TOKEN(以及任何邮件或保管库配置路径),以评估最小权限。","2. 验证代理如何获取发票电子邮件和发送出站邮件(哪些邮箱凭据需要,存储在哪里)。","3. 确保人工干预执行,防止自动支付(审计/记录每笔支付,要求明确操作员确认)。","4. 提供最小范围的 API 令牌(仅限写入到所需账户),先在沙盒 Mercury 账户上测试。","5. 确认处理发票 PDF 和银行账户数据是否符合您的数据保护政策(避免在持久、未加密的内存中存储敏感附件)。","如果发布者无法澄清或更新清单以匹配 SKILL.md,请将该技能视为风险,避免授予邮箱/保管库访问权限或支付凭据。"]...详细分析 ▾
⚠ 用途与能力
SKILL.md describes paying invoices via the Mercury API (create recipients, send ACH/wire, query transactions) which matches the name/description — however the instructions require a Mercury API token and access to invoice emails/password vaults, but the registry metadata declares no required env vars or credentials. The missing declaration is an incoherence.
⚠ 指令范围
Instructions go beyond calling the Mercury API: they tell the agent to find invoice emails, download attachments to /tmp/, reply in existing email threads, and email bookkeeping/vendor addresses. These steps imply mailbox access and local file handling that are not described in the manifest and broaden the skill's scope and data access significantly.
✓ 安装机制
Instruction-only skill with no install spec and no code files — lower disk/write risk. There is nothing being downloaded or installed by the skill itself according to the manifest.
⚠ 凭证需求
SKILL.md explicitly expects a Mercury API token ($MERCURY_API_TOKEN) and even suggests using 'pass show <vault-path>' for secrets, yet the registry lists no required env vars or primary credential. The instructions also handle bank account numbers, routing numbers, and instruct emailing/attaching sensitive PDFs — all sensitive operations that should be declared and scoped in the manifest.
ℹ 持久化与权限
The skill does not request always:true and is user-invocable (default). It instructs logging payments to a 'daily memory file' and sending emails; this is normal for a payments workflow but increases audit requirements. Ensure the agent cannot autonomously send funds without the explicit operator approval the SKILL.md demands.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.0.12026/2/18
通用文档以安全共享;移除了组织特定的账户/收款人 ID 和个人联系方式;添加了动态账户发现指导;保留了内部转账和支付工作流改进。
● 可疑
安装命令 点击复制
官方npx clawhub@latest install mercury-payments
镜像加速npx clawhub@latest install mercury-payments --registry https://cn.clawhub-mirror.com
技能文档
概述
通过 Mercury Bank API 支付发票,支持 ACH 和电汇支付...使用指南
- 配置 Mercury API 令牌:在技能设置中输入您的 MERCURY_API_TOKEN...
- 创建收款人:使用
mercury-payments create-recipient命令...
代码示例
mercury-payments pay-invoice --invoice-id=INV123 --amount=100.00
注意
- 确保最小权限原则
- 定期备份支付记录
数据来源:ClawHub ↗ · 中文优化:龙虾技能库
OpenClaw 技能定制 / 插件定制 / 私有工作流定制
免费技能或插件可能存在安全风险,如需更匹配、更安全的方案,建议联系付费定制