ZL-ClawPay

Use when users need to query sub-wallet binding status, bind sub-wallet, generate QR code, check payment status, query balance or transaction history. Trigge...

What to check before installing/using this skill: 1) Metadata mismatch: The report header shows no required env vars but SKILL.md/_meta.json require ZLPAY_APP_ID and GM key material — assume the skill needs those secrets. Do not pass keys until you audit the code. 2) Inspect config/.env: The package includes config/.env. Open it before installation; if it contains real keys or default credentials, remove or replace them. Never use credentials found inside a shipped .env without rotation. 3) Review Config for endpoints: Find scripts/zlpay_skill/config/config.py (or where SecureClient sets base URL). Confirm the backend host(s) the skill will contact. If endpoints point to unknown or external servers you don't control, treat it as high risk. 4) Local persistence: The code contains StateStore/Memory and logging with retention. If you need ephemeral operation, either run this skill in an isolated environment (container/VM) or modify the code/config to disable state/log retention or redirect to a secure path. 5) Confirm payment flow enforcement: SKILL.md requires explicit yes/no confirmation before payments. Verify the business methods actually enforce this (i.e., the CLI/library will not auto-execute payments when invoked by an agent). If the LLM can invoke the skill autonomously, ensure policy or operator approval is in place. 6) Secrets handling: The skill expects the client private key (sensitive). Prefer providing keys via secure secret manager or mounted files (paths) rather than embedding in environment on a shared machine. If you must put keys on disk, set strict filesystem permissions and consider hardware-backed keys. 7) Dependency review: The setup installs many third-party packages (cryptography, gmssl, sm-crypto). Verify you trust these package versions and consider using a vetted internal mirror or doing an SBOM/audit of dependencies. 8) Run in sandbox first: Execute the skill in an isolated environment, exercising non-sensitive operations (query binding, listing interfaces) and monitor network traffic to confirm it contacts only expected hosts and that no unexpected outbound data (e.g., entire .env contents) is transmitted. If you want, provide the contents of scripts/zlpay_skill/config/config.py and core/secure_client.py (or the base URL and where public keys are fetched) and I can do a more precise review of network endpoints and any code paths that may exfiltrate data.

Type: OpenClaw Skill Name: zl-clawpay Version: 1.0.4 The ZL Claw Pay skill bundle is a professional payment integration tool for managing sub-wallets and generating QR codes. It implements robust security practices, including the use of SM2/SM4 cryptography for secure API communication, automatic sensitive data masking in logs (via `log_filter.py` and `secure_client.py`), and strict file permission management (0600) for its local state storage in `~/.zlpay/state.json`. The AI instructions in `SKILL.md` are defensive, explicitly requiring user confirmation for transactions and prohibiting the exposure of credentials. No indicators of malicious intent, data exfiltration, or unauthorized execution were found.