Buddhist Counsel
PendingStatic analysis audit pending.
Overview
No static analysis result has been recorded yet. Pattern checks will appear here once the artifact has been analyzed.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If an agent invokes the skill repeatedly or automatically, it could spend the user's USDC balance without the user noticing each charge.
The skill uses an authenticated payment account to spend USDC on each request, but the instructions do not define per-request confirmation, budgets, rate limits, or other containment.
Pay $0.01 USDC per request via x402 protocol ... Payment | x402 automatic USDC via `npx awal@2.0.3 x402 pay`
Require explicit user approval before every paid request, set a small spending limit, and make clear which Awal account or wallet will be charged.
Personal mental-health information may leave the local conversation and be processed by an external service.
The required payload can contain sensitive mental-health or crisis details and is sent to a third-party endpoint; the provided artifacts do not describe privacy, retention, or consent controls.
URL (Production) | `https://anicca-proxy-production.up.railway.app/api/x402/buddhist-counsel` ... `situation` | string | MUST | Suffering description (max 2000 chars)
Ask the user before sending personal details, minimize identifying information, and provide clear privacy and retention terms for the external API.
Using the skill may run third-party CLI code through npx even though the registry lists no install requirements.
The skill depends on executing an external npm CLI for authentication and payment. The version is pinned and this is central to the stated purpose, but users still need to trust that package.
npx awal@2.0.3 status ... npx awal@2.0.3 auth login <email> ... npx awal@2.0.3 x402 pay
Verify the Awal CLI package source before use, and consider declaring npx/awal as an explicit requirement.