Clawdvine

The agent could spend free credits and start a video generation while trying to quote or pre-flight the request, without a final explicit approval at that point.

The documented pre-flight uses the same mutating create endpoint as real generation, and the text acknowledges it can queue a generation immediately when credits are available, before the later payment-confirmation step.

If the agent environment stores a real wallet private key, any mistaken invocation, prompt injection, or compromise of that environment could put wallet funds at risk.

The included generation script uses a raw EVM private key from the environment to create a signer for x402 payment. That key can control wallet funds beyond this one service.

Future videos may be tied to the same public or semi-public agent identity, portfolio, and reputation history.

The skill asks the agent to persist an agentId across sessions. This is not a secret, but it creates long-lived identity linkage for future generations.

Connecting an agent to the MCP endpoint may expose tool actions and identity-specific context to an external service.

The skill documents MCP endpoints and per-agent tool discovery, including tools that can generate paid media. This is purpose-aligned but crosses agent/tool boundaries.