Skip to main content

paypilot

Facilitates payment processing, invoicing, and fraud detection through a secure API, enhancing transaction management for businesses.

Install this skill

or
55/100

Security score

The paypilot skill was audited on Feb 28, 2026 and we found 25 security issues across 3 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 39

Curl to non-GitHub URL

SourceSKILL.md
39curl -s "https://paypilot.agms.com/v1/auth/register" -X POST \
medium line 46

Curl to non-GitHub URL

SourceSKILL.md
46curl -s "https://paypilot.agms.com/v1/auth/login" -X POST \
medium line 53

Curl to non-GitHub URL

SourceSKILL.md
53curl -s "https://paypilot.agms.com/v1/auth/configure" -X POST \
medium line 83

Curl to non-GitHub URL

SourceSKILL.md
83curl -s "https://paypilot.agms.com/v1/onboard" -X POST \
medium line 18

Access to hidden dotfiles in home directory

SourceSKILL.md
18path: ~/.config/paypilot/config.json
low line 32

Access to hidden dotfiles in home directory

SourceSKILL.md
32cat ~/.config/paypilot/config.json
low line 61

Access to hidden dotfiles in home directory

SourceSKILL.md
61mkdir -p ~/.config/paypilot
low line 62

Access to hidden dotfiles in home directory

SourceSKILL.md
62cat > ~/.config/paypilot/config.json << 'EOF'
low line 69

Access to hidden dotfiles in home directory

SourceSKILL.md
69chmod 600 ~/.config/paypilot/config.json
low line 100

Access to hidden dotfiles in home directory

SourceSKILL.md
100CONFIG=$(cat ~/.config/paypilot/config.json)
low line 117

Access to hidden dotfiles in home directory

SourceSKILL.md
117jq --arg t "$NEW_TOKEN" '.token = $t' ~/.config/paypilot/config.json > /tmp/pp.json && mv /tmp/pp.json ~/.config/paypilot/config.json
low line 118

Access to hidden dotfiles in home directory

SourceSKILL.md
118chmod 600 ~/.config/paypilot/config.json
low line 4

External URL reference

SourceSKILL.md
4homepage: https://agms.com/paypilot/
low line 29

External URL reference

SourceSKILL.md
29PayPilot connects to a hosted API proxy at `https://paypilot.agms.com`. On first use, check for credentials:
low line 39

External URL reference

SourceSKILL.md
39curl -s "https://paypilot.agms.com/v1/auth/register" -X POST \
low line 46

External URL reference

SourceSKILL.md
46curl -s "https://paypilot.agms.com/v1/auth/login" -X POST \
low line 53

External URL reference

SourceSKILL.md
53curl -s "https://paypilot.agms.com/v1/auth/configure" -X POST \
low line 64

External URL reference

SourceSKILL.md
64"api_url": "https://paypilot.agms.com",
low line 83

External URL reference

SourceSKILL.md
83curl -s "https://paypilot.agms.com/v1/onboard" -X POST \
low line 89

External URL reference

SourceSKILL.md
89> "Great! To finish your application, complete the form here: **https://agms.com/get-started/**
low line 272

External URL reference

SourceSKILL.md
272- **OpenAPI Spec:** `https://paypilot.agms.com/openapi.json`
low line 273

External URL reference

SourceSKILL.md
273- **AI Plugin Manifest:** `https://paypilot.agms.com/.well-known/ai-plugin.json`
low line 274

External URL reference

SourceSKILL.md
274- **LLM Resource Index:** `https://paypilot.agms.com/llms.txt`
low line 275

External URL reference

SourceSKILL.md
275- **Landing Page:** `https://agms.com/paypilot/`
low line 276

External URL reference

SourceSKILL.md
276- **ClawHub:** `https://clawhub.ai/agmsyumet/paypilot-agms`
Scanned on Feb 28, 2026
View Security Dashboard
Installation guide →
GitHub Stars 2.2K
Rate this skill
Categorymarketing
UpdatedApril 4, 2026
openclawapigrowth-marketerproduct-marketersales-operationscustomer-success-manageraccount-executivestripepaypalmarketingsales
openclaw/skills