v1.0.17

soho

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 5:52 AM.

Analysis

The skill appears aligned with its SOHO Pay purpose, but it requires a wallet private key and can send real mainnet financial transactions, with some registry/package identity ambiguity.

Guidance: Install only if you intentionally want an agent to operate a SOHO Pay wallet. Use a dedicated low-balance key, start on testnet, independently verify the SOHO Pay contracts and publisher, and require explicit confirmation for every payment, approval, registration, or repayment.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: High; Confidence: High; Status: Concern
scripts/pay.js
let networkKey = "mainnet"; ... const signature = await wallet.signTypedData(domain, types, message); ... const tx = await creditorContract.spendWithAuthorization(

The payment path defaults to mainnet, signs authorization data, and submits the on-chain spend transaction without an artifact-backed confirmation step.

User impact: A mistaken or overly broad agent instruction could result in a real payment or credit spend to the supplied address.
Recommendation: Default to testnet, add a mandatory confirmation prompt showing network, amount, recipient, contract, and fees, and consider merchant allowlists or spending caps.
Agentic Supply Chain Vulnerabilities
Severity: Medium; Confidence: High; Status: Concern
metadata / _meta.json
metadata: Owner ID: kn781e5mn4ekr955d0205f8tt581e7sx; Slug: soho; Source: unknown; Homepage: none. _meta.json: "ownerId": "kn7fyfh95dy5k9mz4065hb1ekn811wfc", "slug": "sohopay"

The registry identity and packaged metadata do not match, and there is no source/homepage provenance; that is a material ambiguity for code that handles a wallet private key.

User impact: Users may have less confidence that the installed financial code comes from the expected publisher or project.
Recommendation: Verify the publisher, source repository, contract addresses, and package identity before providing any private key or using mainnet.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High; Confidence: High; Status: Concern
SKILL.md
PRIVATE_KEY ... must be provided ... Anyone running this bot must understand that the key controls whatever funds are on the selected network.

The skill intentionally takes control of a wallet private key for signing and transactions; that is high-impact delegated financial authority, especially on mainnet.

User impact: If configured with a funded key, the agent can use that wallet for SOHO Pay actions and potentially affect real funds or credit exposure.
Recommendation: Use only a dedicated low-balance wallet, prefer testnet first, avoid reusing a main wallet, and require explicit per-transaction approval outside the skill.