Ziptax Sales Tax

Warn. Audited by ClawScan on May 10, 2026.

Overview

The skill is a straightforward ZipTax lookup, but its bundled lookup script can turn a crafted address into local Python code execution.

This skill's purpose is coherent, but avoid using the bundled scripts/lookup.sh helper until the address-encoding bug is fixed. If you install it, protect your ZIPTAX_API_KEY and only send address or coordinate data that you are comfortable sharing with ZipTax.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A crafted address could run commands on the user's machine with the same privileges as the agent or shell running the script.

Why it was flagged

The user-controlled address string is interpolated into Python source code instead of being passed as data. An address containing Python string-breaking characters could execute arbitrary Python commands when the helper is run.

Skill content

--address)   ADDRESS="$2"; shift 2 ;;
...
ENCODED=$(python3 -c "import urllib.parse; print(urllib.parse.quote('$ADDRESS'))")

Recommendation

Do not use the helper with untrusted address text until fixed. Encode safely by passing the address as an argument, for example: python3 -c 'import sys, urllib.parse; print(urllib.parse.quote(sys.argv[1]))' "$ADDRESS", or use curl --get --data-urlencode.

What this means

Anyone who can read or misuse the API key may consume the user's ZipTax quota or view account usage details.

Why it was flagged

The skill requires a provider API key for ZipTax requests. This is expected for the stated purpose, but it is still an account credential that can consume quota and access account metrics.

Skill content

Set `ZIPTAX_API_KEY` env variable with your API key from https://platform.zip.tax ... **Never share your API key publicly.**

Recommendation

Use a dedicated limited-scope ZipTax key if available, keep it out of logs and shared prompts, and rotate it if exposed.

What this means

The user's address, ZIP code, or coordinates may be shared with ZipTax to perform the lookup.

Why it was flagged

The skill sends user-provided location data to the external ZipTax API. This is clearly disclosed and purpose-aligned, but addresses and coordinates can be sensitive.

Skill content

Make GET request to `https://api.zip-tax.com/request/v60` ... Determine lookup type: address (best), lat/lng, or postal code

Recommendation

Only look up locations the user intends to send to ZipTax, and avoid submitting unnecessarily sensitive addresses.