Agentic Commerce — Lifestyle, Wellness, & Gifts
WarnAudited by ClawScan on May 10, 2026.
Overview
This is a transparent shopping integration, but it can drive real crypto checkout flows and share shipping details, so users should review and approve every purchase.
Use this skill only if you trust the For the Cult store and want an agent to help shop there. Configure your agent to ask before every checkout or x402 payment, verify the exact amount and payment address yourself, never share private keys, and only provide identity tokens or shipping details when you intentionally proceed with an order.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent could create a real order or initiate a payment workflow if it over-interprets a shopping request; crypto payments may be difficult or impossible to reverse.
This shows the skill is intended to let an agent progress to real purchases. Because crypto checkout and physical orders can have financial and privacy impact, the supplied artifacts should clearly require per-order approval, exact-price confirmation, and spending limits.
Any scenario requiring an agent to **autonomously complete an end-to-end purchase** on behalf of a user.
Require explicit user confirmation of the exact item, quantity, total cost, payment chain/token, payment address, shipping address, and recipient before any checkout or x402 payment step.
If the runtime supplies this identity header, the store can associate requests with the agent account and expose agent-specific order or preference information.
The skill may use a runtime-provided identity token for profile, orders, or preferences, but the documentation scopes it to specific endpoints and says not to infer or send it for normal shopping.
Identity header: `X-Moltbook-Identity` is optional and only for agent-only endpoints (`/api/agent/me`, `/api/agent/me/orders`, `/api/agent/me/preferences`); use it only when the agent runtime explicitly supplies it—do not send it for normal store operations.
Only allow this header when you intentionally use the agent-only endpoints, and verify it is not sent during ordinary browsing, search, checkout, or order-status lookup.
Your email and shipping address would be shared with forthecult.store during checkout.
Checkout requires sending personal contact and delivery information to the external store API. This is expected for physical delivery, but users should recognize that personal data leaves the agent environment.
`email` ... Customer email for order confirmation; `shipping` ... Delivery address
Verify the merchant and domain before checkout, provide only necessary delivery information, and review the store’s privacy and retention practices.