Canopy

Advisory

Audited by static analysis on May 6, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes. The notes below describe the sensitive capabilities and configuration the review observed in those artifacts; none of them is counted as a finding.

What this means

A payment that policy permits can still go to the wrong recipient or be sent in the wrong amount; the policy bounds the damage but does not catch the mistake.

Why it was flagged

The skill exposes a tool that can move real money. That is expected for a treasury-wallet skill, but it is a high-impact action if the agent or the user gets the recipient or the amount wrong.

Skill content
`canopy_pay` | Send a USD payment to an address. Subject to policy.
Recommendation

Use `canopy_preview` whenever the amount is uncertain, keep the recipient allowlist and spend caps as tight as the workflow allows, and verify the recipient and the amount before any payment is sent.
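One way to enforce that recommendation in front of a pay tool, as an added example that is not Canopy's or ClawScan's code: a policy gate that applies a recipient allowlist and per-payment and daily caps, and binds the preview the user verified to the exact recipient and amount, so a payment whose amount drifted after the preview (or a replay of an old preview) is refused. The class and function names, the allowlist entries, the caps and `fake_send` are all constructed for this illustration.

```python
# Added example (not Canopy's or ClawScan's code): a policy gate in front of a
# pay tool. Names, the allowlist, the caps and fake_send are all constructed.
from dataclasses import dataclass, field
from decimal import Decimal, ROUND_HALF_UP
import hashlib
import hmac
import secrets

CENT = Decimal("0.01")


class PolicyViolation(Exception):
    """A request failed the allowlist, a spend cap, or confirmation binding."""


@dataclass
class PaymentPolicy:
    allowlist: dict              # address -> recipient name verified by the operator
    per_payment_cap: Decimal
    daily_cap: Decimal
    spent_today: Decimal = Decimal("0")
    # Per-session secret that binds a preview token to one recipient and amount.
    secret: bytes = field(default_factory=lambda: secrets.token_bytes(32))
    used_tokens: set = field(default_factory=set)

    def __post_init__(self):
        self.per_payment_cap = Decimal(self.per_payment_cap)
        self.daily_cap = Decimal(self.daily_cap)
        self.spent_today = Decimal(self.spent_today)


@dataclass(frozen=True)
class Preview:
    recipient: str
    recipient_name: str
    amount: Decimal
    token: str


def _normalize(amount):
    """Parse to cents; rejects zero and negative amounts."""
    amount = Decimal(str(amount)).quantize(CENT, rounding=ROUND_HALF_UP)
    if amount <= 0:
        raise PolicyViolation("amount must be positive")
    return amount


def _check(policy, recipient, amount):
    """Allowlist and cap checks; shared by the preview and by the final send."""
    if recipient not in policy.allowlist:
        raise PolicyViolation(f"recipient {recipient} is not on the allowlist")
    if amount > policy.per_payment_cap:
        raise PolicyViolation(f"{amount} exceeds the per-payment cap {policy.per_payment_cap}")
    if policy.spent_today + amount > policy.daily_cap:
        raise PolicyViolation(f"{amount} would exceed the daily cap {policy.daily_cap}")


def _token(policy, recipient, amount):
    """HMAC over recipient|amount: the token is useless for any other pair."""
    return hmac.new(policy.secret, f"{recipient}|{amount}".encode(), hashlib.sha256).hexdigest()


def preview_payment(policy, recipient, amount):
    """Run policy and return what the user must verify, plus the binding token."""
    amount = _normalize(amount)
    _check(policy, recipient, amount)
    return Preview(recipient, policy.allowlist[recipient], amount, _token(policy, recipient, amount))


def confirm_and_pay(policy, recipient, amount, token, send):
    """Release a payment only for the exact recipient and amount that were previewed."""
    amount = _normalize(amount)
    if not hmac.compare_digest(token, _token(policy, recipient, amount)):
        raise PolicyViolation("confirmation does not match the previewed recipient and amount")
    if token in policy.used_tokens:
        raise PolicyViolation("this preview was already paid; preview again")
    _check(policy, recipient, amount)          # caps may have moved since the preview
    receipt = send(recipient, amount)
    policy.used_tokens.add(token)
    policy.spent_today += amount
    return receipt


def fake_send(recipient, amount):
    """Constructed stand-in for the real pay call; records instead of paying."""
    return {"status": "sent", "to": recipient, "amount": str(amount)}


if __name__ == "__main__":
    policy = PaymentPolicy({"vendor-a-address": "Vendor A"}, "500", "1000")
    p = preview_payment(policy, "vendor-a-address", "250")
    print(f"Confirm ${p.amount} to {p.recipient_name} ({p.recipient})? token={p.token[:8]}...")
    print(confirm_and_pay(policy, "vendor-a-address", "250.00", p.token, fake_send))
```

The point of the token is that the user verifies one specific (recipient, amount) pair and nothing else can be paid with that verification: a later call with a different amount fails the HMAC check, and a second call with the same token is rejected as a replay. Re-running the cap checks at send time covers the case where other payments landed between the preview and the confirmation.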

What this means

Anyone, human or agent, who holds these credentials can act as the configured Canopy agent up to its policy limits.

Why it was flagged

The MCP server configuration carries a bearer API key and an agent identifier. Both are the expected credentials for this service, but together they grant delegated access to the treasury.

Skill content
`"Authorization": "Bearer YOUR_CANOPY_API_KEY", "X-Canopy-Agent-Id": "YOUR_CANOPY_AGENT_ID"`
Recommendation

Use the least-privileged Canopy agent and policy the task needs, keep the API key out of shared files and logs, rotate it immediately if it is exposed, and remove the MCP config when it is no longer needed.

What this means

A careless or ambiguous reply in chat could be read as approval and authorize a real payment.

Why it was flagged

The skill can approve pending payments from chat. The artifact states a clear safety constraint (approve only after an explicit yes), so this is purpose-aligned, but it remains sensitive.

Skill content
`canopy_approve` | Mark a pending approval as approved. Use only when the user has explicitly said yes in chat.
Recommendation

Only approve after the agent has repeated the recipient name and amount back to you, and do not enable chat approval for policies that require stronger human review.
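The two conditions in that recommendation can be checked mechanically before an approve tool is ever called. The following is an added example, not Canopy's or ClawScan's code: it accepts an approval only if the agent's prompt repeated the pending approval's recipient name and amount exactly, and the user's reply is an unqualified yes. Questions, conditions ("yes, but ...") and vague replies ("sure", "ok") are refused. `PendingApproval`, the message shapes and the word lists are constructed assumptions.

```python
# Added example (not Canopy's or ClawScan's code): decide whether a chat
# exchange justifies calling an approve tool. PendingApproval, the message
# shapes and the word lists are constructed assumptions.
import re
from dataclasses import dataclass
from decimal import Decimal

# Replies accepted as an explicit yes, after normalisation. Deliberately short:
# a missed approval costs a re-ask, a false positive moves money.
AFFIRMATIVE = {"yes", "yes approve", "approve", "approved", "confirm", "confirmed", "go ahead"}
# Words that make a reply conditional, corrective, or uncertain.
HEDGES = {"but", "if", "unless", "instead", "change", "actually", "wait",
          "not", "no", "dont", "don't", "maybe", "hold"}
# Trailing politeness that does not change the meaning of the reply.
POLITE_TAIL = {"please", "pls", "thanks", "thank", "you"}


@dataclass(frozen=True)
class PendingApproval:
    approval_id: str
    recipient_name: str
    amount_usd: str          # decimal string, e.g. "1250.00"

    def display_amount(self):
        return f"${Decimal(self.amount_usd):,.2f}"


def agent_echoed(agent_msg, pending):
    """True only if the agent's prompt repeated the exact recipient name and amount."""
    text = agent_msg.lower()
    return pending.recipient_name.lower() in text and pending.display_amount() in text


def user_said_yes(user_msg):
    """True only for an unqualified affirmative; questions and conditions fail."""
    msg = user_msg.strip().lower()
    if "?" in msg:
        return False
    words = re.sub(r"[^a-z' ]", " ", msg).split()
    while words and words[-1] in POLITE_TAIL:
        words.pop()
    if not words or any(w in HEDGES for w in words):
        return False
    return " ".join(words) in AFFIRMATIVE


def decide_approval(pending, agent_msg, user_msg):
    """Return (approve, reason). Only (True, ...) may be followed by the approve call."""
    if not agent_echoed(agent_msg, pending):
        return False, "agent did not repeat the recipient name and amount before asking"
    if not user_said_yes(user_msg):
        return False, "user reply is not an unqualified yes; ask again"
    return True, f"approve {pending.approval_id}: {pending.display_amount()} to {pending.recipient_name}"


if __name__ == "__main__":
    pending = PendingApproval("apr_001", "Acme Hosting Ltd", "1250.00")   # constructed
    prompt = "Pending approval apr_001: $1,250.00 to Acme Hosting Ltd. Reply yes to approve."
    for reply in ("Yes, please.", "yes, but make it $1,500", "yes?", "sure"):
        print(repr(reply), decide_approval(pending, prompt, reply))
```

The check is intentionally strict in the direction that is cheap: a reply the parser does not recognise just produces another question to the user, whereas a reply it wrongly accepts moves money. Note that it only gates the call into an approve tool; it is no substitute for the stronger review the recommendation asks for on higher-risk policies.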

What this means

Users have less registry-level provenance to check before they hand payment credentials to the skill.

Why it was flagged

The registry metadata provides neither a source repository nor a homepage, while the skill instructs users to connect to an external Canopy MCP service. That is not suspicious by itself, but provenance matters for an integration that can spend funds.

Skill content
Source: unknown; Homepage: none
Recommendation

Verify the Canopy dashboard and the MCP URL independently before entering credentials, especially because this skill can spend funds.
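A pre-flight check that covers both the credentials note above (keep the API key secret, rotate if exposed) and this provenance note, as an added example that is not Canopy's or ClawScan's code: before a client sends the bearer key, it confirms that the placeholders in the shipped config were actually replaced, that the key is referenced from the environment rather than written into the config file, and that the MCP URL is https and points at the host the operator verified out of band in the Canopy dashboard. The entry shape (a dict with `url` and `headers`), the `${VAR}` environment-reference convention, the function names and the expected host `mcp.example.com` are constructed assumptions; Canopy's real MCP host is not stated on this page and must come from the operator's own verification.

```python
# Added example (not Canopy's or ClawScan's code): pre-flight audit of an MCP
# server entry before a client is allowed to send the bearer key. The entry
# shape ({"url", "headers"}), the "${VAR}" env-reference convention, the
# function names and the expected host are constructed assumptions.
import os
import re
from urllib.parse import urlsplit

PLACEHOLDER = re.compile(r"YOUR_[A-Z_]+")            # unreplaced template values
ENV_REF = re.compile(r"^\$\{([A-Z_][A-Z0-9_]*)\}$")   # whole value is ${VAR}
REQUIRED_HEADERS = ("Authorization", "X-Canopy-Agent-Id")


def audit_server_entry(entry, expected_host, env=None):
    """Return a list of problems; an empty list means the entry may be used."""
    env = os.environ if env is None else env
    problems = []

    parts = urlsplit(entry.get("url", ""))
    if parts.scheme != "https":
        problems.append("MCP URL is not https")
    if parts.hostname != expected_host:
        problems.append(f"MCP host {parts.hostname!r} is not the verified host {expected_host!r}")
    if parts.username or parts.password:
        problems.append("credentials embedded in the MCP URL")

    headers = entry.get("headers", {})
    for name in REQUIRED_HEADERS:
        value = headers.get(name)
        if value is None:
            problems.append(f"missing header {name}")
        elif PLACEHOLDER.search(value):
            problems.append(f"{name} still contains an unreplaced placeholder")

    auth = headers.get("Authorization", "")
    if auth.startswith("Bearer "):
        token = auth[len("Bearer "):]
        ref = ENV_REF.match(token)
        if ref:
            if not env.get(ref.group(1)):
                problems.append(f"environment variable {ref.group(1)} is not set")
        elif not PLACEHOLDER.search(token):
            problems.append("API key is a literal in the config file; reference an environment variable")
    elif auth:
        problems.append("Authorization header is not a Bearer token")
    return problems


def resolve_headers(entry, env=None):
    """Expand ${VAR} references at request time so the key never sits in the file."""
    env = os.environ if env is None else env
    resolved = {}
    for name, value in entry.get("headers", {}).items():
        def lookup(m):
            return env[m.group(1)]       # KeyError if the variable is missing, by design
        resolved[name] = re.sub(r"\$\{([A-Z_][A-Z0-9_]*)\}", lookup, value)
    return resolved


def redact_headers(headers):
    """Copy that is safe for logs: the bearer token is never written out."""
    safe = dict(headers)
    if safe.get("Authorization", "").startswith("Bearer "):
        safe["Authorization"] = "Bearer [redacted]"
    return safe


if __name__ == "__main__":
    # The config as shipped in the skill, with its placeholders; URL constructed.
    as_shipped = {"url": "https://mcp.example.com/mcp",
                  "headers": {"Authorization": "Bearer YOUR_CANOPY_API_KEY",
                              "X-Canopy-Agent-Id": "YOUR_CANOPY_AGENT_ID"}}
    for problem in audit_server_entry(as_shipped, "mcp.example.com", env={}):
        print("-", problem)
```

Keeping the key behind a `${VAR}` reference means the config file can be checked into a dotfiles repo or pasted into a ticket without leaking the credential, and rotation after exposure becomes a change to one environment variable rather than a hunt through files. Pinning the host is what turns "verify the MCP URL independently" into something a client can refuse to proceed without.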