Send real Document in the Mail via PostalForm
Pass
Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: postalform-agent-mailing
Version: 1.0.0
The skill bundle is designed to send postal mail via the PostalForm API, including handling x402 machine payments. The `SKILL.md` provides clear, detailed instructions for the AI agent, emphasizing security best practices such as using payment caps (`--max-amount`), preferring encrypted keystores over raw private keys, securely handling passwords (`--password` from runtime input), and avoiding logging sensitive information. While the skill involves inherently sensitive operations like financial transactions and document handling, the instructions explicitly mitigate risks and are entirely aligned with the stated purpose, without any evidence of malicious intent, data exfiltration beyond the service's needs, or unauthorized actions.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken or overly autonomous invocation could spend funds and send a physical letter to the wrong recipient or with the wrong contents, which may be difficult to undo after submission.
This directs the agent to perform a real-world action and make a payment. The artifacts include quote checks and a max-amount recommendation, but they do not require an explicit final human approval before submitting the paid physical-mail order.
Use when an agent must autonomously mail a real physical letter/document ... Create order and settle x402 payment ... Create payment using your wallet stack ... Retry the exact same request body with `PAYMENT-SIGNATURE`.
Require a final user approval gate before payment/order creation, showing the PDF or hash/preview, sender and recipient addresses, page count, quoted price, payment network, and max amount. Consider disabling autonomous invocation for the final send step.
If the agent or wallet configuration is misused, funds could be spent from the selected wallet up to the configured cap.
The example uses a local wallet keystore and password to authorize payment. This is expected for x402 payment, and the skill recommends a max amount and secure handling, but it is still sensitive financial authority and is not declared as a registry credential.
purl \
  --wallet ~/.purl/keystores/my-wallet.json \
  --password "$PURL_PASSWORD" \
  --network eip155:8453 \
  --max-amount 5000000
Use a dedicated low-balance wallet or limited spending profile, verify the units and value of `--max-amount`, provide passwords only through a secure prompt or secret store, and avoid exposing private keys or wallet passwords in logs.
