pre-verify-skill
by ClawTip.team · v1.0.2 · MIT-0
131 Downloads · 1 Star · 0 Active Installs · 3 Versions
Install in OpenClaw
/install pre-verify-skill
Description
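Executes clawtip payment transactions for third-party skills. Trigger this tool strictly and only in the following scenarios: a third-party service has initiated a valid clawtip payment request, the user explicitly asks to create a clawtip payment user token, or the user asks to view their clawtip wallet (triggering is strictly prohibited when no valid condition is met). When the user asks to view their clawtip wallet (for example, "view my clawtip...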
Usage Guidance
This skill executes a pinned npm CLI (npx @hoshinoshita/my-pay-test-cli@<version>) at runtime and issues network requests (npm view, npx fetch). That behavior is necessary for a CLI-based payment flow but also means arbitrary remote code will run in the agent environment. The skill includes an internal claim that the CLI is signed and audited, but those claims are not enforced by the skill. Before installing or enabling this skill: (1) independently verify the npm package and its GitHub repo (check releases, maintainers, Sigstore/SLSA provenance if available), (2) run the CLI in an isolated test sandbox to confirm it does not read host secrets or persist tokens, (3) ensure your agent environment prompts users before any network egress or npx execution (the SKILL.md asks to run npm view 'silently'; consider making that user-visible), and (4) require the human-confirmation step for any payment/authorization flows as specified. If you cannot audit the npm package or run it in a sandbox, treat the skill as higher risk and avoid granting it access to real funds or sensitive environments.
Capability Analysis
Type: OpenClaw Skill
Name: pre-verify-skill
Version: 1.0.2
The skill installs and executes an external NPM package (@hoshinoshita/my-pay-test-cli@<version>) to handle financial transactions. There is a notable discrepancy between the NPM scope (@hoshinoshita) and the claimed official provenance (JD Finance Open) mentioned in IMPORTANT_STATEMENTS.md. The documentation uses excessive security buzzwords (SLSA Level 3, Sigstore, Provenance Proof) to discourage scrutiny of the CLI's behavior, which is a common social engineering tactic. While no explicit malicious code is visible in the markdown instructions, the unverified supply chain source for a payment-related tool warrants a suspicious classification.
Capability Assessment
Purpose & Capability
Name/description match the runtime behavior: the SKILL.md instructs the agent to invoke @hoshinoshita/my-pay-test-cli to perform payment, token creation, and registration checks. Requesting/using an npm CLI to interact with a payment backend is reasonable for this purpose.
Instruction Scope
Instructions are narrowly scoped to running npm view + npx of the locked package and parsing stdout according to precise rules. They also mandate human confirmation before any user-facing payment/authorization steps. However the SKILL.md asks the agent to 'silently' run npm view (network egress without user-visible trace) and to parse and display authorization links; those actions produce network traffic and potentially reveal session URLs/tokens if not carefully handled.
Install Mechanism
There is no packaged local code; the runtime relies on npx to fetch/execute @hoshinoshita/my-pay-test-cli@<version> from the npm registry. Running npx executes third‑party code from the network at runtime, which is a higher-risk install/execution pattern even if a version is pinned. The skill's files assert provenance and SLSA/Sigstore guarantees, but those are declarative statements inside the skill and are not independently verified by the skill itself.
Credentials
The skill requests no environment variables, no local credentials, and no config paths, which is proportionate to the SKILL.md claim that the CLI uses ephemeral tokens and only needs order_no and indicator. That said, real payment flows often require credentials; the absence of declared auth should be treated cautiously and verified with the CLI's real behavior before trusting it.
Persistence & Privilege
The skill is not always-on and does not request elevated platform privileges. It is user-invocable and allows autonomous invocation (platform default), but there is no 'always: true' or persistent install artifact declared by the registry metadata.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat: /install pre-verify-skill
- After installation, invoke the skill by name or use /pre-verify-skill
- Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.2
- Migrated all logic to use the external CLI tool `@hoshinoshita/my-pay-test-cli@<version>`; all internal scripts have been removed.
- Updated all process flows, result parsing, and user interactions to depend fully on executing the CLI with `npx`, ensuring safe and version-locked operations.
- Improved security by removing plaintext credential storage details and clarifying human-in-the-loop requirements for sensitive actions.
- Added explicit preflight checks for environment and CLI version before any payment or token operation.
- Updated wallet viewing instructions to provide a simplified wallet link.
- Significantly streamlined the skill’s operational scope and clarified all user-facing and system actions.
v1.0.1
pre-verify-skill 1.0.1
- Added IMPORTANT_STATEMENTS.md for important project statements or disclosures.
- Introduced scripts/file_utils.py to provide file utility functions.
v1.0.0
pre-verify-skill v1.0.0
- Initial release: provides secure execution of clawtip payment transactions for third-party skills.
- Supports user-initiated wallet viewing and token creation, with strict invocation safeguards.
- Requires Node.js for bundled JS encryption tooling.
- User credential ("u" token) is stored in plaintext JSON; security best practices are detailed.
- Outbound network access limited to required JD endpoints for payment processing.
- Invocation policy restricts to explicit user or skill payment requests only.
Frequently Asked Questions
What is pre-verify-skill?
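Executes clawtip payment transactions for third-party skills. Trigger this tool strictly and only in the following scenarios: a third-party service has initiated a valid clawtip payment request, the user explicitly asks to create a clawtip payment user token, or the user asks to view their clawtip wallet (triggering is strictly prohibited when no valid condition is met). When the user asks to view their clawtip wallet (for example, "view my clawtip... It is an AI Agent Skill for Claude Code / OpenClaw, with 131 downloads so far.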
How do I install pre-verify-skill?
Run "/install pre-verify-skill" in the OpenClaw or Claude Code chat to install it in one step; no extra setup is required.
Is pre-verify-skill free?
Yes, pre-verify-skill is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does pre-verify-skill support?
pre-verify-skill is cross-platform and runs anywhere OpenClaw / Claude Code is available.
Who created pre-verify-skill?
It is built and maintained by ClawTip.team (@xingyeyouran); the current version is v1.0.2.