ClawHub

x402 Bazaar Bridge

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed x402 payment bridge that can spend wallet USDC on user-invoked paid API requests, with notable but purpose-aligned payment risk.

Install only if you intend to let this skill make paid x402 API requests using a Base USDC wallet. Use a low-balance wallet, set DAILY_BUDGET_USD conservatively, and consider fetch or resolve commands as spending actions that also send request URLs or query data to external services.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The documentation encourages fetch operations that can spend USDC and send user-supplied URLs or query data to third-party APIs, but it does not provide a clear, prominent warning that using the skill can trigger real monetary charges and external data disclosure. In this context, the combination of payment signing, remote requests, and examples that normalize paid calls makes accidental spending and unintended transmission of sensitive request data substantially more dangerous.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill can automatically sign and submit on-chain payment authorizations during fetch/resolve once a 402 response is received, with no per-transaction confirmation or allowlist check at execution time. In an agent setting, this creates a real risk of unintended spending if a malicious or misleading endpoint is selected, discovered through search, or invoked by prompt-driven automation.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal