← 返回 Skills 市场
jononovo

VenmoClaw - Give your Claw Agent a credit card - They can spend anywhere or request payment

作者 jononovo · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
303
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install venmo
功能描述
Is your claw a shopaholic? Provide payment wallets and strict controls.
安全使用建议
This skill is coherent with a payment integration and the single required env var (CREDITCLAW_API_KEY) makes sense, but there are several red flags to consider before installing: - The docs instruct the agent to save encrypted card files and to run a decrypt script (node decrypt.js). Confirm whether your environment provides a safe, isolated 'sub-agent' mechanism; if not, the skill explicitly says the main agent can decrypt the card, which would expose full card numbers/CVV to the agent and any logs—avoid that unless you understand and accept the risk. - The skill assumes you can run 'node' and spawn ephemeral sessions, but the skill metadata does not declare 'node' or sub-agent requirements. Ask the publisher to list required binaries/runtime and to remove the fallback that exposes decrypted cards to the main agent. - The manifest URLs point to creditclaw.com (consistent), but verify you trust that domain and its security practices before handing over an API key or saving card files. Treat the API key like a full-payment credential — do not reuse it elsewhere. - If you proceed, ensure the agent's filesystem and logs are secured (no persistent logging of decrypted card data), confirm sub-agent deletion behavior, and consider limiting the skill's autonomous invocation or adding human approval thresholds. If you cannot verify sub-agent isolation, node availability, or the publisher's trustworthiness, do not install or provide the CREDITCLAW_API_KEY.
功能分析
Type: OpenClaw Skill Name: venmo Version: 1.0.0 The CreditClaw skill bundle facilitates financial transactions for agents but introduces significant security risks through its operational instructions. File `skill.md` contains a prompt injection attempt, advising the agent to execute a series of `curl` and `mkdir` commands to 'install locally' if it is 'unsure' of how to proceed. More critically, `encrypted-card.md` describes a 'Rail 5' workflow where the agent is instructed to download and execute a server-provided script (`decrypt.js`) to handle encrypted card data, which represents a high-risk Remote Code Execution (RCE) surface. While these features are framed as part of a legitimate financial service (IOC: `creditclaw.com`), the reliance on dynamic code execution and instructions to modify the local environment warrants a suspicious classification.
能力评估
Purpose & Capability
The name/description match the behavior: the skill calls a single payment API (creditclaw.com) and requires CREDITCLAW_API_KEY, which is proportional. However, the instructions also assume the ability to save files under ~/.creditclaw and .creditclaw/cards and to spawn ephemeral sub-agents and execute 'node decrypt.js'—capabilities not declared in required binaries or config paths. That mismatch is unexpected.
Instruction Scope
SKILL.md and companion docs explicitly instruct the agent to download and save skill files and encrypted card files, retrieve single-use decryption keys, and run a decrypt script (node decrypt.js). They recommend spawning an ephemeral sub-agent to avoid exposing decrypted card details, but they also give an explicit 'Alternative' that allows the main agent to run the decrypt steps if sub-agents are unavailable. That alternative expands scope to direct handling of full card PAN/CVV data in the main agent context, which contradicts the privacy claims and grants broad discretion to the agent.
Install Mechanism
There is no formal install spec (instruction-only), which reduces installer risk. The docs include curl commands that download multiple files from creditclaw.com into ~/.creditclaw — the URLs point to the stated homepage/domain (creditclaw.com), which is consistent, but the act of writing scripts and card files to disk is effectively an installation step not declared in the manifest.
Credentials
Only CREDITCLAW_API_KEY is requested and declared as primaryEnv; that is expected for a payment integration. There are no unrelated credentials requested. However, the skill instructs processes that will handle highly sensitive data (decrypted card numbers), which is a data-sensitivity concern even if env var requests are minimal.
Persistence & Privilege
The skill is not forced-always and allows normal autonomous invocation. It asks the agent to persist files under home paths (~/.creditclaw, .creditclaw/cards) and suggests saving decrypt scripts and card files locally; these are permissions to write to the agent's filesystem but do not attempt to modify other skills or system-wide settings. The lack of declared config paths in the manifest is an inconsistency to be aware of.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install venmo
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /venmo 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of CreditClaw Shopping skill. - Enables AI agents and bots to securely spend via encrypted cards and stablecoin wallets with strict owner-approved controls. - Supports multiple payment rails: Encrypted Card (live), Stripe Wallet (private beta), and Crossmint Wallet (coming soon). - Offers detailed documentation for setup, status checks, spending permissions, transaction management, storefront creation, and payment link generation. - Emphasizes strong security: API keys never sent outside creditclaw.com, strict guardrails, per-transaction approval, server-side enforcement, and audit logging. - Human owners maintain full oversight and control, including real-time dashboards, alerts, and wallet freezing capabilities.
元数据
Slug venmo
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

VenmoClaw - Give your Claw Agent a credit card - They can spend anywhere or request payment 是什么?

Is your claw a shopaholic? Provide payment wallets and strict controls. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 303 次。

如何安装 VenmoClaw - Give your Claw Agent a credit card - They can spend anywhere or request payment?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install venmo」即可一键安装,无需额外配置。

VenmoClaw - Give your Claw Agent a credit card - They can spend anywhere or request payment 是免费的吗?

是的,VenmoClaw - Give your Claw Agent a credit card - They can spend anywhere or request payment 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

VenmoClaw - Give your Claw Agent a credit card - They can spend anywhere or request payment 支持哪些平台?

VenmoClaw - Give your Claw Agent a credit card - They can spend anywhere or request payment 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 VenmoClaw - Give your Claw Agent a credit card - They can spend anywhere or request payment?

由 jononovo(@jononovo)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论