X402

Warn

Audited by ClawScan on May 10, 2026.

Overview

The skill is a coherent x402 payment helper, but it can spend USDC, probe arbitrary URLs with mutating HTTP methods, and relies on an unpinned remote CLI package.

Only install this if you are comfortable with an agent discovering paid services and potentially making USDC payments. Before using payment features, verify the `awal` CLI source, use a dedicated low-balance wallet, inspect payment requirements first, require explicit approval for each paid call, and always set a small `--max-amount`.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A mistaken or untrusted URL could be probed with methods that change or delete data on a service.

Why it was flagged

The discovery command may send mutating HTTP methods such as POST, PUT, DELETE, and PATCH to an arbitrary URL before confirming that the endpoint is payment-protected or safe to call.

Skill content

Auto-detects the correct HTTP method (GET, POST, PUT, DELETE, PATCH) by trying each until it gets a 402 response

Recommendation

Limit discovery to safe methods by default, require explicit user approval before trying mutating methods, and verify the endpoint and method before use.

What this means

If the agent runs the pay command while authenticated, it could spend the user's USDC on paid API calls without a clearly enforced approval or spending limit.

Why it was flagged

The pay workflow spends USDC automatically, and the documented payment cap is optional rather than required.

Skill content

Call an x402 endpoint with automatic USDC payment: `awal x402 pay <url> ... [--max-amount <n>]`

Recommendation

Require explicit user confirmation for each paid request, run the details command first, and always set a small `--max-amount` limit.

What this means

The agent may be able to use the logged-in account's payment authority, exposing the user's wallet balance to unintended spending.

Why it was flagged

The skill relies on an authenticated payment account or wallet with spendable funds, but the registry metadata declares no primary credential and the instructions do not bound account scope or payment authorization.

Skill content

Pay: Must be authenticated (`awal auth login <email>`) with sufficient USDC balance (`awal balance`)

Recommendation

Use a dedicated low-balance wallet or account, confirm every paid action, and avoid logging in unless payment is explicitly needed.

What this means

The CLI's behavior, including how it handles payments, can change over time without the user noticing.

Why it was flagged

The skill executes the latest version of a remote CLI package at runtime; this is purpose-aligned, but the exact reviewed version is not pinned or included in the artifact.

Skill content

Use the `npx awal@latest x402` commands

Recommendation

Verify the `awal` package source and consider pinning a trusted version before using it with an authenticated wallet.