v1.0.2

x402-payment-demo

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 5:20 AM.

Analysis

This demo is coherent, but it tells the agent to automatically make a TRON x402 payment and sign permits without clear confirmation, spending limits, or credential scoping.

Guidance: Install only if you intend to test x402 payments and can keep it on a testnet wallet. Before use, confirm that the agent will not sign or pay automatically on mainnet, and require it to show the network, recipient/resource, amount, and wallet before any payment or permit signing.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: High | Confidence: High | Status: Concern
SKILL.md
**Handle Payment**: Perform the payment and resource acquisition automatically as guided by the protocol (handling 402 Payment Required, signing permits, etc.).

This instructs the agent to automatically perform a payment and sign permits, but does not require explicit user approval, show payment amount, set a spending cap, or confirm the selected network before action.

User impact: The agent could authorize a blockchain payment or permit without the user reviewing the cost or account impact first.
Recommendation: Require explicit confirmation before any payment or permit signing; display the network, recipient/resource, amount, and wallet/account; and make mainnet use opt-in only.
Agentic Supply Chain Vulnerabilities
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
follow the instructions provided by the `x402-payment-tron` skill to fetch the protected resource

The skill relies on another skill to perform the payment flow, but that dependency is not included in the manifest or declared in the install/requirements metadata; this matters more because the delegated behavior involves payment and signing.

User impact: Users cannot assess from this package alone what code or instructions will handle wallet signing and payment execution.
Recommendation: Declare the dependency explicitly, provide provenance for the payment-handling skill, and document exactly what authority it will need.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High | Confidence: High | Status: Concern
SKILL.md
network: ... "TRON network to use (nile, shasta, mainnet). Default: nile" ... "signing permits"

Permit signing on TRON implies use of wallet/account authority, and the skill allows a mainnet option, but it does not define which account may be used, what permissions are needed, or how signing authority is bounded.

User impact: If connected to a funded wallet or mainnet account, the skill may use financial authority beyond what the user expected from a simple demo.
Recommendation: Limit the skill to testnet by default, document required wallet permissions, prevent mainnet use unless explicitly requested, and require approval for each signing operation.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Low | Confidence: Medium | Status: Note
SKILL.md
`https://x402-tron-demo.aibank.io/protected-nile` ... `https://x402-tron-demo.aibank.io/protected-mainnet`

The skill clearly discloses external protected-resource endpoints; payment protocol interactions may be sent to that provider, so users should understand the external data/payment flow.

User impact: The demo contacts an external service and may share payment-protocol messages with it.
Recommendation: Use the default testnet endpoint unless intentionally testing another network, and review the endpoint and payment details before approving any signing.