Shop from Microsoft - With your creditcard

Let your agent shop online with guardrailed wallets, multiple payment methods, and owner approval.

This skill appears internally consistent for a payment-enabled shopping assistant, but take the following precautions before installing or enabling it: - Verify the publisher and domain: confirm creditclaw.com is the legitimate service you expect and that the registry listing/publisher match the company you trust. The listing name/slug ('microsoft' / 'Shop from Microsoft - With your creditcard') does not match the internal skill id (creditclaw-creditcard) — ask the publisher to explain or fix this. - Treat the API key as sensitive: only provide a CREDITCLAW_API_KEY created for this purpose, and do not reuse broader-scoped credentials (do not use your primary Stripe/AWS/etc. keys). Prefer a limited-scope key with the minimum rights and start with a low balance or test mode if available. - Review webhook/callback settings carefully: if you register a callback_url, only use endpoints you control; otherwise external URLs could receive event payloads containing order metadata. - Start safely: test with minimal funds, leave owner approval mode enabled (ask_for_everything) until you confirm behavior, and monitor the owner's dashboard for transactions and approvals. - Avoid running curl install commands until you’ve validated the domain and the files (you can open the URLs in a browser first). Consider downloading files and inspecting them before placing them under ~/.creditclaw. - Absence of code/scan findings is not a guarantee of safety: this skill is instruction-only (no code to regex-scan). If you need higher assurance, ask the publisher for an audit, a public repository, or an official third-party review.

Type: OpenClaw Skill Name: microsoft Version: 1.0.0 The skill bundle facilitates high-risk financial transactions and includes instructions in SKILL.md that direct the AI agent to execute shell commands (curl) to download and overwrite local files from a remote domain (creditclaw.com). This pattern functions as a remote instruction injection vector, allowing the remote server to alter the agent's behavior after the initial security review. Additionally, there is a discrepancy in _meta.json where the 'slug' is set to 'microsoft' despite the content being entirely focused on the 'CreditClaw' service, which is a common indicator of brand impersonation or misleading metadata.