← Back to Skills Marketplace
Stripe Full Read Access
by
George Lewis
· GitHub ↗
· v1.0.0
· MIT-0
96
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install stripe-full-read-access
Description
Access Stripe directly with a Stripe secret or restricted API key for broad read-only platform queries, especially Connect accounts, application fees, balanc...
Usage Guidance
This skill appears to do what it says (read Stripe data), but it has some red flags you should address before installing or running it:
- The SKILL.md expects a Stripe API key at /home/clawd/.config/stripe/api_key and uses STRIPE_API_KEY, but the skill metadata does not declare any required credential or primaryEnv. Confirm where your agent will look for keys and whether that hardcoded path is appropriate for your environment.
- The SKILL.md recommends using a platform-level key for Connect reporting. Platform keys are highly sensitive—prefer creating and using a restricted, read-only key scoped only to the endpoints you need.
- Because the skill instructs the agent to read a local file, ensure the agent process has explicit permission to access that path and that no unintended keys reside there. If you run agents in multi-tenant or cloud environments, do not place secrets in predictable filesystem locations.
- Consider updating the skill or configuration to: declare the expected credential in metadata (primaryEnv or requires.env), make the key path configurable (not hardcoded to /home/clawd/...), and document the minimal OAuth/Restricted key scopes required.
If you cannot confirm these items, treat the skill as higher-risk and avoid granting it access to any production/privileged Stripe keys.
Capability Analysis
Type: OpenClaw Skill
Name: stripe-full-read-access
Version: 1.0.0
The skill provides a set of instructions and code snippets for an AI agent to perform read-only financial reporting and analytics using the Stripe API. It correctly identifies a local configuration path (/home/clawd/.config/stripe/api_key) for authentication and uses standard tools like curl and Python's urllib to interact with official Stripe endpoints (api.stripe.com). There is no evidence of data exfiltration, credential theft, or malicious execution.
Capability Assessment
Purpose & Capability
The skill claims broad read-only Stripe access and the SKILL.md contains concrete curl/python examples that only call read endpoints (accounts, balance, charges, etc.). The requested operations are consistent with the description.
Instruction Scope
The instructions explicitly instruct the agent to read a local file at /home/clawd/.config/stripe/api_key and to export it as STRIPE_API_KEY. The skill does not declare this file path or credential anywhere in the registry metadata. Hardcoding a specific home-path for a user named 'clawd' is surprising and may not apply to other users; it also means the agent will attempt to read a sensitive local file when invoked.
Install Mechanism
This is an instruction-only skill with no install spec or code files, so there is no software downloaded or executed beyond the commands shown in SKILL.md (low install risk).
Credentials
The skill requires a Stripe secret to function, but the registry metadata lists no required env vars or primary credential. The SKILL.md instructs using STRIPE_API_KEY and a specific local file path and even recommends a platform-level key for Connect reporting—platform keys are highly privileged. The lack of declared credential in metadata is an inconsistency and raises the chance of accidental exposure or misuse of a full-access key.
Persistence & Privilege
always is false and there is no installation that modifies agent-wide settings. The skill does instruct reading a local secret at runtime, but it does not request persistent presence or elevated platform privileges.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install stripe-full-read-access - After installation, invoke the skill by name or use
/stripe-full-read-access - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: direct Stripe platform read access for Connect accounts, application fees, balances, charges, customers, invoices, subscriptions, payouts, transfers, and balance transactions.
Metadata
Frequently Asked Questions
What is Stripe Full Read Access?
Access Stripe directly with a Stripe secret or restricted API key for broad read-only platform queries, especially Connect accounts, application fees, balanc... It is an AI Agent Skill for Claude Code / OpenClaw, with 96 downloads so far.
How do I install Stripe Full Read Access?
Run "/install stripe-full-read-access" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Stripe Full Read Access free?
Yes, Stripe Full Read Access is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Stripe Full Read Access support?
Stripe Full Read Access is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Stripe Full Read Access?
It is built and maintained by George Lewis (@georgelewi5); the current version is v1.0.0.
More Skills