magicpay

github.com/clawhub.ai/magicpay

Verdict: Proceed with caution

0 critical0 high9 medium

SCORE 55 / 100

$skillox install magicpaySoon

Why grade C?

score · 55 / 100

The current grade reflects 9 medium findings (6+ MEDs → C).

0 CRIT0 HIGH9 MED0 LOW

To reach a higher grade

B
Reach Btarget score 75
Resolve 4 of 9 MED (cap is 5).
A
Reach Atarget score 95
Resolve 7 of 9 MED (cap is 2).

Thresholds are documented at /docs/grading. Source-of-truth is the grade() function in @skillox/scanner.

Latest scan findings

Scan crawl-k4mvqpb4m18tmjyfinqcnxwu · Thu, 28 May 2026 15:53:54 GMT · 4ms

med

No capability manifest declared

The skill ships without a `manifest.yaml` or `capabilities` block in its frontmatter. Without a manifest, the runtime cannot enforce what this skill is permitted to do.

rule: no-manifest

▾

med

Link text shows "workflow.md" but points at github.com

The visible link text contains the domain `workflow.md`, but the URL actually targets `github.com`. This is a phishing/smuggling pattern — the reader sees one host, the agent fetches another. Either update the text or the URL so they match.

rule: anchor-href-mismatchline: 208CWE-601

▾

206 `cliUpdate`, or still fails after `init` (in which case run

207 `magicpay doctor`), follow the recovery rules in

208 [references/workflow.md](https://github.com/MercuryoAI/skills/blob/main/docs/magicpay/references/workflow.md).← text→workflow.md · href→github.com

2092. Start the product workflow: `magicpay start-session [name]`. This creates

210 the product session and product telemetry root before any browser child is

med

Link text shows "statuses.md" but points at github.com

The visible link text contains the domain `statuses.md`, but the URL actually targets `github.com`. This is a phishing/smuggling pattern — the reader sees one host, the agent fetches another. Either update the text or the URL so they match.

rule: anchor-href-mismatchline: 241CWE-601

▾

239 `matcher_unavailable`, `browser_connection_failed`, and

240 `page_resolution_failed` -> follow

241 [references/statuses.md](https://github.com/MercuryoAI/skills/blob/main/docs/magicpay/references/statuses.md).← text→statuses.md · href→github.com

2426. Resolve and fill it: `magicpay resolve-form <fillRef>`.

243 MagicPay picks the request path (`auto`/`confirm`/`provide`) and fills the

med

Link text shows "workflow.md" but points at github.com

rule: anchor-href-mismatchline: 292CWE-601

▾

290When the flow deviates — changed forms, denied approvals, ambiguous forms,

291page changes mid-fill — consult

292[references/workflow.md](https://github.com/MercuryoAI/skills/blob/main/docs/magicpay/references/workflow.md) and← text→workflow.md · href→github.com

293[references/statuses.md](https://github.com/MercuryoAI/skills/blob/main/docs/magicpay/references/statuses.md).

294

med

Link text shows "statuses.md" but points at github.com

rule: anchor-href-mismatchline: 293CWE-601

▾

291page changes mid-fill — consult

292[references/workflow.md](https://github.com/MercuryoAI/skills/blob/main/docs/magicpay/references/workflow.md) and

293[references/statuses.md](https://github.com/MercuryoAI/skills/blob/main/docs/magicpay/references/statuses.md).← text→statuses.md · href→github.com

294

295## Ask-User Boundary

med

Link text shows "workflow.md" but points at github.com

rule: anchor-href-mismatchline: 392CWE-601

▾

390Open an extra reference only when it helps:

391

392- [references/workflow.md](https://github.com/MercuryoAI/skills/blob/main/docs/magicpay/references/workflow.md) — product-session-first← text→workflow.md · href→github.com

393 flow, browser child binding, recovery, changed-form sequence, and stop

394 conditions.

med

Link text shows "commands.md" but points at github.com

The visible link text contains the domain `commands.md`, but the URL actually targets `github.com`. This is a phishing/smuggling pattern — the reader sees one host, the agent fetches another. Either update the text or the URL so they match.

rule: anchor-href-mismatchline: 395CWE-601

▾

393 flow, browser child binding, recovery, changed-form sequence, and stop

394 conditions.

395- [references/commands.md](https://github.com/MercuryoAI/skills/blob/main/docs/magicpay/references/commands.md) — every CLI command.← text→commands.md · href→github.com

396- [references/statuses.md](https://github.com/MercuryoAI/skills/blob/main/docs/magicpay/references/statuses.md) — form and

397 sensitive-action outcomes, including `session_stop`.

med

Link text shows "statuses.md" but points at github.com

rule: anchor-href-mismatchline: 396CWE-601

▾

394 conditions.

395- [references/commands.md](https://github.com/MercuryoAI/skills/blob/main/docs/magicpay/references/commands.md) — every CLI command.

396- [references/statuses.md](https://github.com/MercuryoAI/skills/blob/main/docs/magicpay/references/statuses.md) — form and← text→statuses.md · href→github.com

397 sensitive-action outcomes, including `session_stop`.

398- [references/guardrails.md](https://github.com/MercuryoAI/skills/blob/main/docs/magicpay/references/guardrails.md) — escalation and

med

Link text shows "guardrails.md" but points at github.com

The visible link text contains the domain `guardrails.md`, but the URL actually targets `github.com`. This is a phishing/smuggling pattern — the reader sees one host, the agent fetches another. Either update the text or the URL so they match.

rule: anchor-href-mismatchline: 398CWE-601

▾

396- [references/statuses.md](https://github.com/MercuryoAI/skills/blob/main/docs/magicpay/references/statuses.md) — form and

397 sensitive-action outcomes, including `session_stop`.

398- [references/guardrails.md](https://github.com/MercuryoAI/skills/blob/main/docs/magicpay/references/guardrails.md) — escalation and← text→guardrails.md · href→github.com

399 safety rules.

400

View latest scan →

skillox.io/c/magicpay

Skill facts

Latest grade: C · 55
Total scans: 1
Latest version: —
Last scanned: 2026-05-28
Source: clawhub.ai/magicpay

AIBOM

What this skill accesses

No manifest

Declared (from capabilities)

No capabilities block in frontmatter — the skill doesn't state what it should access.

Observed (from scan findings)

Nothing observed in the body.

AIBOM (Application Skills Bill of Materials) — see /docs/concepts/aibom for the format.

Version history

Only this scan

No other scans on record for this skill name. New scans appear here as the catalog re-crawls or creators request a re-scan.

Embed badge

Show this grade in your README.

Tracks the latest grade automatically. Updates within five minutes of every re-scan.

Markdown

[![SkillOx grade](https://api.skillox.io/badge/magicpay.svg)](https://skillox.io/c/magicpay)

Markdown · score

[![SkillOx score](https://api.skillox.io/badge/score/magicpay.svg)](https://skillox.io/c/magicpay)

HTML

<a href="https://skillox.io/c/magicpay"><img src="https://api.skillox.io/badge/magicpay.svg" alt="SkillOx grade"/></a>

reST

.. image:: https://api.skillox.io/badge/magicpay.svg
   :target: https://skillox.io/c/magicpay
   :alt: SkillOx grade

Coming soon

Creator verification badge, expert-review status, and Cosign-signed release attestation appear here as those layers ship. AIBOM + version history are live; the others follow once the creator portal completes its identity-proof + signing surface.