Locus
Warn
Audited by ClawScan on May 10, 2026.
Overview
Locus appears purpose-built for crypto payments, but it gives an agent persistent wallet/payment authority with dynamic tools, including token approvals, so it needs Review before use.
Install only if you intentionally want your agent connected to a crypto wallet. Use a low-limit or restricted Locus API key, verify every recipient, amount, token, memo, and allowance change, and do not rely on email content alone as proof that a payment is legitimate.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Impact: A mistaken or overbroad tool call could initiate irreversible crypto transfers or risky token allowance changes if the user approves without careful review.
Finding: The agent is instructed to invoke dynamically discovered MCP tools, while the skill's purpose includes sending payments and approving token spending. The artifacts neither clearly bound which tools may appear nor require confirmation for every high-impact wallet mutation.
Evidence: "Tools are dynamic — each user gets different tools based on their permission group... Call any discovered tool: mcporter call locus.<tool_name>..."
Recommendation: Require explicit confirmation for every wallet-changing action, including token approvals and batch sends; review the tool schema each time; use whitelists, low limits, and server-side spending caps.
Impact: Anyone or any agent workflow that can use this configuration may be able to act within the key's wallet permission group, potentially causing financial loss.
Finding: The skill asks for a wallet-linked bearer credential and stores it in a home-scoped mcporter configuration, granting ongoing delegated authority to payment tools.
Evidence: "You'll need a Locus API key to connect your wallet... each key is tied to your wallet and permission group... --header "Authorization=Bearer <API_KEY>" --scope home"
Recommendation: Use a dedicated low-privilege Locus key, enforce transaction limits and whitelisted recipients, protect the mcporter config, and revoke the key immediately if it is no longer needed.
Impact: The local environment will trust whatever mcporter package/version npm resolves at install time.
Finding: The setup script can install the mcporter package globally from npm without a pinned version. This is purpose-aligned, but it adds external package trust.
Evidence: if ! command -v mcporter &>/dev/null; then ... npm i -g mcporter
Recommendation: Install mcporter from a verified source, consider pinning a known-good version, and avoid running setup from an untrusted workspace.
Impact: Payment parameters, wallet-context requests, and authorization data are handled by the external Locus MCP service.
Finding: The skill routes tool discovery and payment-related calls through a remote MCP provider using the user's authorization token. This is expected for the integration, but the remote tool boundary and permissions are not inspectable in the artifacts.
Evidence: mcporter config add locus --url "https://mcp.paywithlocus.com/mcp" --header "Authorization=Bearer <API_KEY>"
Recommendation: Only use this with a Locus account and permission group you trust, and verify the provider's privacy, logging, and key-revocation controls.
