Clawhub Krump Verify

Audited by ClawScan on May 10, 2026.

Overview

This looks like a coherent blockchain verification guide, but it can let an AI authorize crypto payments and use private-key-style credentials, so it needs careful review.

Install only if you intend to use this agent for Krump Verify on Story Aeneid. Do not give it a main wallet or private key; use a dedicated low-balance wallet and dedicated relayer key. Manually approve every on-chain transaction, x402 signature, USDC.k approval, EVVM deposit, and deployment, and verify contract addresses, fee amounts, and the relayer URL first.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

An agent could approve or spend the user's crypto funds, consume payment receipts, or broadcast irreversible transactions if given wallet/signing access.

Why it was flagged

The skill instructs agents to perform paid, state-changing blockchain actions. The provided text emphasizes post-hoc auditability but does not show a clear requirement for fresh user approval before each spend, approval, deposit, signature, or contract write.

Skill content

Agents can perform verifications autonomously; humans can audit on-chain. ... User/agent approves USDC.k for KrumpVerify: `approve(KrumpVerify, verificationFee)`.

Recommendation

Require explicit user confirmation for every transaction, approval, deposit, x402 signature, and contract broadcast. Use strict spend limits and verify the contract address and fee before signing.

What this means

A relayer private key or delegated wallet could authorize important account actions; misuse or leakage could affect receipts, payments, or deployed contract administration.

Why it was flagged

The skill introduces a private-key-bearing relayer and a privileged receipt-submitter role, while the registry metadata lists no required env vars or primary credential. That makes the privilege boundary under-declared for a payment workflow.

Skill content

Local: `relayer/` — `RELAYER_PRIVATE_KEY`, `KRUMP_VERIFY_ADDRESS` ... Set `fly secrets set RELAYER_PRIVATE_KEY=0x...`; ... deployer gets RECEIPT_SUBMITTER_ROLE.

Recommendation

Use a dedicated low-privilege relayer key, never expose a primary wallet/private key to the agent, declare required secrets clearly, and confirm the exact role and spending authority granted.

What this means

Users cannot verify from the provided artifact what the referenced deployment or relayer code would do.

Why it was flagged

The manifest includes only SKILL.md, while the skill references deployment scripts and docs that were not provided for review. This is a reviewability gap, although no automatic install or execution is shown.

Skill content

Script: `script/DeployAll.s.sol` ... Command: `./deploy.sh` or `forge script script/DeployAll.s.sol:DeployAll --rpc-url https://aeneid.storyrpc.io --broadcast ...`.

Recommendation

Review the actual deploy scripts, relayer code, and documentation from a trusted source before running any commands or broadcasting deployments.

What this means

The external relayer may see or handle payment authorization material and receipt information for the verification flow.

Why it was flagged

The payment flow relies on an external relayer service. This is purpose-aligned, but signed payment/receipt data and transaction coordination cross a trust boundary.

Skill content

Production: Fly.io app `krump-x402-relayer` at `https://krump-x402-relayer.fly.dev`; frontend `VITE_X402_RELAYER_URL=https://krump-x402-relayer.fly.dev`.

Recommendation

Use only a relayer you trust, verify the URL and contract addresses, and understand what signed data is being sent before approving x402 or EVVM transactions.