Skill v1.0.1
ClawScan security
x402 Agentic Creation · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 3, 2026, 6:24 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill’s code, tools, and runtime instructions are internally consistent with its stated purpose of monetizing agent APIs via the GateX402 service; required credentials and network calls match that purpose.
- Guidance: This skill appears to do exactly what it claims: register monetized APIs and manage USDC earnings with GateX402. Before installing, ensure you (or your platform) supply credentials correctly: keep the wallet private key and management token in host-controlled secure storage (do not expose them to the agent), enforce spending/withdrawal limits at the wallet or host layer, and whitelist only api.gatex402.dev if your environment uses domain whitelisting. If you want to avoid autonomous withdrawals, require manual approval for withdraw_funds or do not provide a live wallet private key to the runtime.
Review Dimensions
- Purpose & Capability (ok): Name/description, tools (provision/get_earnings/withdraw), skill.json, README, and code all align: they talk only to GateX402 (api.gatex402.dev) and implement wallet-signed provisioning, balance checks, and withdrawals as expected.
- Instruction Scope (ok): SKILL.md and SKILL files limit actions to provisioning, pricing, earnings retrieval, and withdrawals. The runtime explicitly avoids returning raw management tokens or private keys to the agent and sanitizes API responses; no instructions request unrelated system files or external endpoints.
- Install Mechanism (note): There is no install spec in the skill bundle, but the source includes a normal npm-style package (package.json, package-lock). Dependencies (viem, dotenv, zod) are appropriate for signing and API work. No arbitrary download URLs or extract steps are present.
- Credentials (note): The skill requires host-supplied credentials (wallet private key and a management token) to perform provisioning and withdrawals — this is necessary for on-chain signing and payouts, but it is high privilege. The skill documentation and code enforce token isolation (storeManagementToken/getManagementToken) and sanitize outputs.
- Persistence & Privilege (note): always:false is set and the skill does not modify other skills. However, because the host must inject a wallet private key and management token, allowing the agent to invoke the skill autonomously would permit it to trigger withdrawals; operators should treat that as a powerful capability and apply wallet/session spending limits or require explicit human approval for withdrawals.
