ClawdVine
Suspicious
Audited by ClawScan on May 10, 2026.
Overview
ClawdVine’s video-generation purpose is coherent, but it asks agents to use a raw EVM private key for automatic paid x402 requests without declared credential requirements or clear local spending controls.
Install only if you are comfortable connecting a wallet-funded payment flow to this skill. Use a separate low-balance wallet, verify each charge before signing, avoid storing a public agentId unless you want attribution, and review the full SKILL.md for any system-prompt override language.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If a main wallet private key is used, the agent or script has authority to sign paid requests from that wallet; compromise or mistaken use could cost funds.
The generation helper expects a raw EVM private key for a wallet holding USDC. This is high-impact financial authority, yet the registry metadata declares no required env vars and no primary credential.
Required env:
 * EVM_PRIVATE_KEY=0x... (wallet with USDC on Base)
Use a dedicated low-balance wallet, never provide a main wallet private key, and require the skill to declare wallet/private-key requirements clearly.
A mistaken prompt, model choice, retry loop, or autonomous invocation could spend USDC without the user seeing and approving the exact charge first.
The helper is explicitly designed to make an automatic x402 payment for video generation, but the artifact does not show a local maximum spend, price confirmation, or approval gate before payment.
x402-generate.mjs — Generate a video with automatic x402 payment + polling
Require explicit user approval for each paid request, show the exact x402 charge before signing, and enforce a local per-request and daily spending limit.
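One way to implement the recommended approval gate and spending limits in the helper's own language (Node.js), as an added example that is not part of the skill or of ClawScan's report. It assumes the 402 payment requirement exposes its price as a `maxAmountRequired` string of USDC base units plus `payTo` and `network` fields, and that `approve` is a callback that shows the exact charge to the user and resolves to their decision.

```javascript
// Spend gate in front of x402 payment signing. Assumed requirement shape (not
// from the skill): { maxAmountRequired: "<USDC base units>", payTo, network }.
const USDC_UNITS = 1_000_000n; // USDC has 6 decimals; amounts are BigInt units
function formatUsdc(units) {
  return `${units / USDC_UNITS}.${(units % USDC_UNITS).toString().padStart(6, "0")} USDC`;
}
// In-memory ledger for the example; a deployment persists the same object to
// disk so a retry loop in a fresh process cannot reset the daily total.
class MemoryLedgerStore {
  constructor() { this.state = { day: null, spentUnits: "0" }; }
  load() { return this.state; }
  save(state) { this.state = state; }
}
class SpendGate {
  // approve: async (summary) => boolean, must show the exact charge to the user
  constructor({ perRequestMaxUnits, dailyMaxUnits, approve, store = new MemoryLedgerStore(),
                today = () => new Date().toISOString().slice(0, 10) }) {
    Object.assign(this, { perRequestMaxUnits, dailyMaxUnits, approve, store, today });
  }
  spentToday() {
    const s = this.store.load();
    return s.day === this.today() ? BigInt(s.spentUnits) : 0n; // new day resets
  }
  // Policy check without user interaction; an unparseable price is a refusal.
  checkLimits(requirement) {
    const price = requirement?.maxAmountRequired;
    if (typeof price !== "string" || !/^\d+$/.test(price)) {
      return { ok: false, reason: "unparseable price, refusing to sign" };
    }
    const amountUnits = BigInt(price);
    if (amountUnits > this.perRequestMaxUnits) {
      return { ok: false, amountUnits, reason: `${formatUsdc(amountUnits)} exceeds per-request limit` };
    }
    if (this.spentToday() + amountUnits > this.dailyMaxUnits) {
      return { ok: false, amountUnits, reason: `${formatUsdc(amountUnits)} would exceed daily limit` };
    }
    return { ok: true, amountUnits };
  }
  // Limits first, then explicit consent on the exact charge; only an ok result
  // may be handed to the private-key signer.
  async authorize(requirement) {
    const check = this.checkLimits(requirement);
    if (!check.ok) return check;
    const summary = `Pay ${formatUsdc(check.amountUnits)} to ${requirement.payTo ?? "?"} on ${requirement.network ?? "?"}`;
    return (await this.approve(summary)) ? check : { ...check, ok: false, reason: "user declined" };
  }
  record(amountUnits) { // call only after the signed payment was accepted upstream
    this.store.save({ day: this.today(), spentUnits: (this.spentToday() + amountUnits).toString() });
  }
}
```

The helper would call `authorize` on the 402 response and sign only when `ok` is true, then `record` the amount once the paid request succeeds.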
Future generations may be tied to the same public agent identity, portfolio, stats, and reputation.
The skill asks the agent to persist an agentId. This is purpose-aligned for attribution and credits, but it creates persistent identity linkage across future video requests.
SAVE THE RETURNED agentId TO YOUR MEMORY — you need it for all future requests
Only persist the agentId with user consent, make it easy to inspect or delete, and avoid storing it in shared memory if anonymous generation is desired.
If the full text attempts to make the skill’s instructions override user or system instructions, it could steer the agent outside the user’s intent.
A prompt-injection-style system-prompt instruction was detected in the SKILL.md, but the provided SKILL.md content is truncated, so the exact surrounding instruction cannot be assessed.
**Setting your system prompt:**
Review the full SKILL.md before installing and ignore any skill text that claims to override system, developer, or user instructions.
