Vaultline
Review
Audited by ClawScan on May 14, 2026.
Overview
Vaultline looks like a coherent file-storage helper, but it can trigger wallet-signed payments without clear confirmation or spending limits.
Install only if you are comfortable with an agent using Vaultline storage and wallet-based authentication. Require confirmation before any x402 payment, use a low-balance or scoped wallet, choose the private tier for sensitive files, and remember that private is wallet-restricted but not encrypted.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Finding 1. A user could incur Vaultline/x402 charges if the agent follows the retry flow without an explicit payment confirmation step.
This directs the agent to perform paid retries, but the artifact does not require showing the amount, confirming with the user, setting a spend cap, or otherwise bounding financial impact.
Artifact excerpt: "If the server returns `402`, parse the `payment-required` header. Create/sign the x402 payment payload. Retry the same request with the payment header."
Recommendation: Require user approval before any payment, display the requested amount and recipient, and support a user-configured per-action and session spending limit.
Finding 2. If the agent is allowed to sign as a wallet, it can authenticate private Vaultline operations as that wallet.
The skill needs wallet identity/signature material to access private objects. This is expected for wallet-restricted storage, but it is sensitive authority.
Artifact excerpt: "For private operations, send:
- `x-auth-wallet`
- `x-auth-timestamp`
- `x-auth-signature`
... The signature must cover: HTTP method, request path, wallet, timestamp"
Recommendation: Use a dedicated low-risk wallet, review signature prompts, avoid exposing private keys to the agent, and scope any signer to Vaultline operations only.
Finding 3. Files may be accessible to anyone who knows the path if the agent uploads them without explicitly selecting the private tier.
The artifact discloses the behavior, but the default storage tier is public-by-key, which can surprise users if they upload sensitive files without specifying private.
Artifact excerpt: "Default to `open` if no tier is specified. ... Treat open files as readable by anyone who knows the path and satisfies any payment requirement."
Recommendation: Before upload, confirm the intended tier with the user and default sensitive, internal, or customer data to private rather than open.
Finding 4. Runtime behavior may depend on npm package code that is outside the supplied artifacts.
The skill depends on an external npm SDK, but the provided artifact set contains only instructions and reference files, so the package implementation was not reviewed here.
Artifact excerpt: package: "@builtbyecho/vaultline-sdk"
Recommendation: Verify the npm package publisher and version, prefer pinned/locked installs, and review the SDK before granting wallet or payment authority.
