VenmoClaw - Give your Claw Agent a credit card - They can spend anywhere or request payment

Name: VenmoClaw - Give your Claw Agent a credit card - They can spend anywhere or request payment
Author: jononovo

by jononovo · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

303

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install venmo

Description

Is your claw a shopaholic? Provide payment wallets and strict controls.

Usage Guidance

This skill is coherent with a payment integration and the single required env var (CREDITCLAW_API_KEY) makes sense, but there are several red flags to consider before installing: - The docs instruct the agent to save encrypted card files and to run a decrypt script (node decrypt.js). Confirm whether your environment provides a safe, isolated 'sub-agent' mechanism; if not, the skill explicitly says the main agent can decrypt the card, which would expose full card numbers/CVV to the agent and any logs—avoid that unless you understand and accept the risk. - The skill assumes you can run 'node' and spawn ephemeral sessions, but the skill metadata does not declare 'node' or sub-agent requirements. Ask the publisher to list required binaries/runtime and to remove the fallback that exposes decrypted cards to the main agent. - The manifest URLs point to creditclaw.com (consistent), but verify you trust that domain and its security practices before handing over an API key or saving card files. Treat the API key like a full-payment credential — do not reuse it elsewhere. - If you proceed, ensure the agent's filesystem and logs are secured (no persistent logging of decrypted card data), confirm sub-agent deletion behavior, and consider limiting the skill's autonomous invocation or adding human approval thresholds. If you cannot verify sub-agent isolation, node availability, or the publisher's trustworthiness, do not install or provide the CREDITCLAW_API_KEY.

Capability Analysis

Type: OpenClaw Skill Name: venmo Version: 1.0.0 The CreditClaw skill bundle facilitates financial transactions for agents but introduces significant security risks through its operational instructions. File `skill.md` contains a prompt injection attempt, advising the agent to execute a series of `curl` and `mkdir` commands to 'install locally' if it is 'unsure' of how to proceed. More critically, `encrypted-card.md` describes a 'Rail 5' workflow where the agent is instructed to download and execute a server-provided script (`decrypt.js`) to handle encrypted card data, which represents a high-risk Remote Code Execution (RCE) surface. While these features are framed as part of a legitimate financial service (IOC: `creditclaw.com`), the reliance on dynamic code execution and instructions to modify the local environment warrants a suspicious classification.

Capability Assessment

ℹ Purpose & Capability

The name/description match the behavior: the skill calls a single payment API (creditclaw.com) and requires CREDITCLAW_API_KEY, which is proportional. However, the instructions also assume the ability to save files under ~/.creditclaw and .creditclaw/cards and to spawn ephemeral sub-agents and execute 'node decrypt.js'—capabilities not declared in required binaries or config paths. That mismatch is unexpected.

⚠ Instruction Scope

SKILL.md and companion docs explicitly instruct the agent to download and save skill files and encrypted card files, retrieve single-use decryption keys, and run a decrypt script (node decrypt.js). They recommend spawning an ephemeral sub-agent to avoid exposing decrypted card details, but they also give an explicit 'Alternative' that allows the main agent to run the decrypt steps if sub-agents are unavailable. That alternative expands scope to direct handling of full card PAN/CVV data in the main agent context, which contradicts the privacy claims and grants broad discretion to the agent.

ℹ Install Mechanism

There is no formal install spec (instruction-only), which reduces installer risk. The docs include curl commands that download multiple files from creditclaw.com into ~/.creditclaw — the URLs point to the stated homepage/domain (creditclaw.com), which is consistent, but the act of writing scripts and card files to disk is effectively an installation step not declared in the manifest.

✓ Credentials

Only CREDITCLAW_API_KEY is requested and declared as primaryEnv; that is expected for a payment integration. There are no unrelated credentials requested. However, the skill instructs processes that will handle highly sensitive data (decrypted card numbers), which is a data-sensitivity concern even if env var requests are minimal.

ℹ Persistence & Privilege

The skill is not forced-always and allows normal autonomous invocation. It asks the agent to persist files under home paths (~/.creditclaw, .creditclaw/cards) and suggests saving decrypt scripts and card files locally; these are permissions to write to the agent's filesystem but do not attempt to modify other skills or system-wide settings. The lack of declared config paths in the manifest is an inconsistency to be aware of.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install venmo
After installation, invoke the skill by name or use /venmo
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.0

Initial release of CreditClaw Shopping skill. - Enables AI agents and bots to securely spend via encrypted cards and stablecoin wallets with strict owner-approved controls. - Supports multiple payment rails: Encrypted Card (live), Stripe Wallet (private beta), and Crossmint Wallet (coming soon). - Offers detailed documentation for setup, status checks, spending permissions, transaction management, storefront creation, and payment link generation. - Emphasizes strong security: API keys never sent outside creditclaw.com, strict guardrails, per-transaction approval, server-side enforcement, and audit logging. - Human owners maintain full oversight and control, including real-time dashboards, alerts, and wallet freezing capabilities.

Metadata

Slug venmo

Version 1.0.0

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is VenmoClaw - Give your Claw Agent a credit card - They can spend anywhere or request payment?

Is your claw a shopaholic? Provide payment wallets and strict controls. It is an AI Agent Skill for Claude Code / OpenClaw, with 303 downloads so far.

How do I install VenmoClaw - Give your Claw Agent a credit card - They can spend anywhere or request payment?

Run "/install venmo" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is VenmoClaw - Give your Claw Agent a credit card - They can spend anywhere or request payment free?

Yes, VenmoClaw - Give your Claw Agent a credit card - They can spend anywhere or request payment is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does VenmoClaw - Give your Claw Agent a credit card - They can spend anywhere or request payment support?

VenmoClaw - Give your Claw Agent a credit card - They can spend anywhere or request payment is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created VenmoClaw - Give your Claw Agent a credit card - They can spend anywhere or request payment?

It is built and maintained by jononovo (@jononovo); the current version is v1.0.0.

More Skills