Skill v1.0.7

ClawScan security

Breeze x402 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 19, 2026, 6:11 PM
Verdict
Benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's actions, its single required env var (WALLET_PRIVATE_KEY), and its network usage are consistent with operating Breeze x402 payment-gated Solana endpoints, but the wallet private key it asks you to store and the npm dependencies it asks you to install should both be treated with caution.
Guidance
This skill appears to do what it says, but it requires your Solana private key and asks you to persist it locally, which is sensitive. Before installing or using it:

1) Never commit wallet-backup.json or .env to version control; add both to .gitignore.
2) For initial testing, use a throwaway test wallet funded with only the small amount you need, not your main wallet.
3) Audit the npm packages (@faremeter/* and @solana/web3.js) and confirm they are the intended, official packages; inspect their code or do a reproducible install in an isolated environment.
4) Verify that the network endpoints (https://x402.breeze.baby and the Solana RPC you configure) are the ones you expect.
5) Where possible, sign with a hardware wallet or an external signer so the private key never touches disk.

These precautions reduce the risk of accidental key leakage; the skill itself is consistent with its stated purpose.

Review Dimensions

Purpose & Capability
ok
Name and description match the instructions: the skill performs balance checks, builds deposit/withdrawal transactions, and pays x402 micropayments on Solana. The required binary (node) and WALLET_PRIVATE_KEY are appropriate for signing and broadcasting Solana transactions.
Instruction Scope
note
SKILL.md sticks to endpoint interaction, preparing and signing transactions, and using a payment wrapper. It instructs the user to write a wallet backup file and a .env containing the private key, which is usual for local scripts but risky if those files are committed. All network calls go to the Breeze x402 URL and the Solana RPC; there are no instructions to read unrelated system files or exfiltrate arbitrary data. The guidance to persist the secret to disk is a usability choice that carries security risk.
Install Mechanism
ok
No automated install spec is provided (instruction-only). The guide asks the user to run npm install for several packages from the public npm ecosystem; this is expected but carries the usual third-party package risk. The skill itself contains no downloads from untrusted URLs and no archive extraction.
Credentials
ok
Only a single required credential is declared (WALLET_PRIVATE_KEY), which is proportional to the need to sign transactions and pay micropayments. The optional vars listed in the README are reasonable. No unrelated credentials or config paths are requested.
Persistence & Privilege
ok
The skill is instruction-only, not always-enabled, and does not request system-wide privilege or modify other skills. It suggests creating local files (.env, wallet-backup.json), but that is local persistence under the user's control.