风险评分

65/100 (Medium)

OpenClaw: suspicious
VirusTotal: benign
StaticScan: clean

ClawPay-Hedera

作者: Emad Qureshi
Slug:clawpay-hedera
版本:1.1.0
更新时间:2026-03-21 08:51:48
风险信息

OpenClaw: suspicious

查看 OpenClaw 分析摘要(前 200 字预览) 
The skill's purpose (Hedera micropayments, discovery, reputation) is coherent, but it instructs running remote npm code via npx and includes an example that could leak your private key in process argu...

[内容已截断]

VirusTotal: benign VT 报告

静态扫描: clean 

No suspicious patterns detected.
README

README 未提供

文件列表

无文件信息

下载
下载官方 ZIP
原始 JSON 数据
{
    "latestVersion": {
        "_creationTime": 1774050554781,
        "_id": "k976tt8yap5pz5yzfny7beapq5838pzj",
        "changelog": "Security guidance added: testnet-only defaults, env var key handling, spending caps, open source links. Fixed metadata inconsistency (bins vs binaries). Added homepage URL.",
        "changelogSource": "user",
        "createdAt": 1774050554781,
        "parsed": {
            "clawdis": {
                "emoji": "🦀",
                "requires": {
                    "bins": [
                        "node",
                        "npx"
                    ],
                    "env": [
                        "HEDERA_PRIVATE_KEY"
                    ]
                }
            }
        },
        "version": "1.1.0"
    },
    "owner": {
        "_creationTime": 0,
        "_id": "publishers:missing",
        "displayName": "Emad Qureshi",
        "handle": "emadqureshikhi",
        "image": "https:\/\/avatars.githubusercontent.com\/u\/153134761?v=4",
        "kind": "user",
        "linkedUserId": "kn75xmgbdp2bwxt6s8estj0f4d838559"
    },
    "ownerHandle": "emadqureshikhi",
    "skill": {
        "_creationTime": 1774048244115,
        "_id": "kd78ta324dmwshcmexwrtj1nh5839e7n",
        "badges": [],
        "createdAt": 1774048244115,
        "displayName": "ClawPay-Hedera",
        "latestVersionId": "k976tt8yap5pz5yzfny7beapq5838pzj",
        "ownerUserId": "kn75xmgbdp2bwxt6s8estj0f4d838559",
        "slug": "clawpay-hedera",
        "stats": {
            "comments": 0,
            "downloads": 32,
            "installsAllTime": 0,
            "installsCurrent": 0,
            "stars": 0,
            "versions": 2
        },
        "summary": "Pay for MCP tool calls on Hedera using x402 micropayments, discover AI agents via on-chain registry, check reputation before transacting, and submit ratings...",
        "tags": {
            "latest": "k976tt8yap5pz5yzfny7beapq5838pzj"
        },
        "updatedAt": 1774054308928
    }
}