Security scan
OpenClaw
Suspicious
Medium confidence: The skill appears to be a legitimate CLI-based payment integration, but there are inconsistencies between the registry metadata and the runtime instructions (missing declared env/binary requirements), and the runtime instructions require displaying unredacted tokens/links. Review before use.
Assessment recommendation
This skill mostly looks like a straightforward wrapper around an npm CLI, but two issues merit caution: (1) the SKILL.md requires sensitive env vars (MYPAY_API_KEY and MYPAY_WALLET_SECRET) and node/npm/python3, yet the registry metadata omits those requirements. Treat that as an inconsistency and do not provide secrets until you confirm the publisher and necessity; (2) the skill instructs the agent to display and preserve payment URLs and tokens exactly, which can reveal secrets if outputs are ...
ℹ Purpose and capabilities
The SKILL.md and included Python checker align with a mypay-bot CLI integration: requiring node/npm, python3, and two MyPay credentials is reasonable for this payment skill. However, the registry metadata at the top of the package lists no required env vars or binaries, which contradicts the documented runtime requirements — this metadata mismatch is an incoherence that should be resolved before trusting automatic installation or credential configuration.
⚠ Instruction scope
The instructions tell the agent to run included commands (the Python checker and mypay-bot CLI) and to strictly preserve URLs and images "character for character," explicitly including query parameters and tokens. That instruction could lead to sensitive tokens being shown or copied exactly as-is; while it may be required for payment links, it increases the risk of accidental exposure or exfiltration if the agent is allowed to transmit outputs elsewhere. The instructions also say to "cache the summary" without specifying where or how, leaving storage and retention ambiguous.
ℹ Install mechanism
There is no automatic install spec — the included scripts are a dependency checker only and do not modify the system or run npm install. The Python script does call shell commands via subprocess.run(..., shell=True) to run npm list; this is expected for a checker but is worth noting because it executes shell commands. Overall install risk is low because installs are manual per the instructions.
ℹ Credential requirements
The skill requires two sensitive credentials in SKILL.md (MYPAY_API_KEY and MYPAY_WALLET_SECRET), which are proportionate for a payment/wallet integration. The problem is the package's registry metadata did not declare these required environment variables — that mismatch is a red flag because users (and automated permission UIs) may not be prompted for the secrets the skill actually needs.
✓ Persistence and permissions
The skill does not request persistent system presence (always:false), does not modify other skills or system-wide config, and explicitly instructs users to run installs manually. No elevated persistence or unusual privileges are requested.
Security has layers; review the code before running it.
Runtime dependencies
No special dependencies
Install command
Official: npx clawhub@latest install my-pay
Mirror (accelerated): npx clawhub@latest install my-pay --registry https://cn.longxiaskill.com (mirror available)