Plugin v0.3.2

ClawScan security

StablePay OpenClaw Plugin · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 10, 2026, 6:50 PM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary: The plugin's code and SKILL.md mostly match the stated payment/wallet purpose, but there are inconsistencies around required environment variables, local state files, and use of CLI subprocesses that the registry metadata does not declare — review before installing.
Guidance
This plugin appears to implement the payment and wallet features it advertises, but pay attention to these points before installing:
1) Metadata mismatch: the registry lists no required environment variables, yet SKILL.md and the code require STABLEPAY_PLUGIN_MASTER_KEY (encrypts local state) and may use STABLEPAY_OWS_PASSPHRASE and STABLEPAY_OWS_REST_API_KEY. Treat those as sensitive secrets.
2) Local files and CLI: the plugin writes to ~/.stablepay-openclaw and spawns the 'ows' CLI (inherits your environment), so don't provide secrets you wouldn't want available to child processes.
3) Backend endpoints: defaults point to localhost (127.0.0.1:28080), but the plugin will call whatever backendBaseUrl you configure — ensure it points to a trusted endpoint before running payment flows.
4) Review the plugin's saved files (local state and policies) and the exact environment variables you'll export; prefer using the plugin with non-privileged test wallets and devnet RPC until you validate behavior.
5) If you need higher assurance, ask the publisher to update registry metadata to declare the required env vars explicitly, and audit openclaw.plugin.json and the code paths that read process.env.

Review Dimensions

Purpose & Capability
ok: Name and description (StablePay wallet, DID registration, OWS signing, payment flows) align with the provided source files: runtime, client, transaction builders, OWS CLI wrappers, and API gateway payment settlement logic. The code implements Solana partial signing, building SPL transfer TXs, posting to /api/v1/pay, and local wallet state management — all expected for a payment plugin.
Instruction Scope
concern: SKILL.md and the shipped code instruct the agent to create local wallets, register DIDs, write/read an encrypted local state under ~/.stablepay-openclaw, call a backend gateway (default http://127.0.0.1:28080) and run OWS signing via SDK/CLI/REST. The runtime spawns an external process ('ows' CLI) and invokes network requests to the configured backend. The instructions also require several environment variables (master key, fee payer, passphrase, REST API key) but the registry metadata lists none. This mismatch (undeclared envs referenced and files written) is a scope and transparency concern.
Install Mechanism
ok: There is no install spec (instruction-only skill in the registry) and no downloads from arbitrary URLs. The repository contains source/dist files that will run inside OpenClaw; nothing in the manifest indicates additional installers or remote code pulls.
Credentials
concern: The registry metadata declares no required environment variables, but SKILL.md and the code require/expect at least STABLEPAY_PLUGIN_MASTER_KEY, STABLEPAY_FEE_PAYER_SOL, and optionally STABLEPAY_OWS_PASSPHRASE and STABLEPAY_OWS_REST_API_KEY. STABLEPAY_PLUGIN_MASTER_KEY and STABLEPAY_OWS_REST_API_KEY are sensitive; the plugin reads process.env directly and spawns the OWS CLI with env: process.env (the child inherits the full environment). The lack of declared required env vars in the registry is an incoherence and increases the chance of accidental secret exposure if users supply secrets without realizing the plugin will use them.
Persistence & Privilege
note: The plugin persists encrypted local state, writes policy files under the user's home (~/.stablepay-openclaw), and registers tools with the agent (normal behavior). It does not request always:true or modify other skills. It will run child processes (ows) and can make network calls to the configured backend. These are expected for a wallet/payment plugin but are persistent and deserve review.