Handshake58 DRAIN
Advisory: audited by static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the configured wallet has funds, the MCP server and agent can authorize payments or on-chain transactions using that wallet.
The skill requires a wallet private key with authority to sign financial transactions. Even though this is purpose-aligned and the docs recommend an ephemeral wallet, it is high-impact delegated authority.
`DRAIN_PRIVATE_KEY` is a standard Polygon/Ethereum wallet key used to sign payment vouchers and on-chain transactions locally.
Use only a fresh, low-balance wallet and never a main wallet. Require manual approval for channel opening, token approvals, and spending, and monitor both the wallet and its payment channels.
An agent could incur repeated costs, open channels, or leave funds locked if it acts too broadly or chooses a provider/session incorrectly.
The tool can automate provider selection, payment-channel management, and repeated paid requests. The artifact does not define mandatory user confirmation, hard spending caps, or clear stop conditions.
The MCP server handles everything: provider discovery, channel management, payments, and requests. ... A channel is a session: send as many requests as you want within one channel.
Before use, set strict spending limits, require user confirmation for paid actions, review provider pricing, and confirm channel close/reclaim steps.
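The spending caps and confirmation steps recommended above (for both the wallet-key and the autonomous-spending notes) are not something the artifact itself defines, so here is an added example of a guard that a wrapper around the MCP server could call before any channel is opened or any voucher is signed. This is illustrative code, not drain-mcp's own; the voucher fields (channelId, amount, nonce) follow the advisory's example, and it assumes, as is typical for payment channels, that `amount` is cumulative per channel and denominated in the token's smallest unit. The `approve` callback stands in for a real user-confirmation prompt.

```javascript
// Added example (not part of drain-mcp): policy guard enforcing per-request,
// per-channel and per-session caps, explicit approval, and monotonic nonces.
// Assumption: voucher amounts are cumulative per channel (payment-channel style).

class SpendingGuard {
  constructor({ maxPerRequest, maxPerChannel, maxTotal, approve }) {
    this.maxPerRequest = BigInt(maxPerRequest);
    this.maxPerChannel = BigInt(maxPerChannel);
    this.maxTotal = BigInt(maxTotal);
    this.approve = approve;        // (action, details) => boolean; a user prompt in practice
    this.channels = new Map();     // channelId -> { lastAmount, lastNonce }
    this.totalSpent = 0n;
    this.log = [];                 // audit trail for monitoring
  }

  // Opening a channel locks collateral on-chain, so it always needs explicit approval.
  openChannel(channelId, deposit) {
    const dep = BigInt(deposit);
    if (this.channels.has(channelId)) throw new Error(`channel ${channelId} already tracked`);
    if (dep > this.maxPerChannel) throw new Error(`deposit ${dep} exceeds per-channel cap ${this.maxPerChannel}`);
    if (!this.approve('open-channel', { channelId, deposit: dep.toString() })) {
      throw new Error(`channel open for ${channelId} not approved`);
    }
    this.channels.set(channelId, { lastAmount: 0n, lastNonce: 0n });
    this.log.push({ action: 'open-channel', channelId, deposit: dep.toString() });
  }

  // Called with the voucher the skill is about to sign. Returns the increment this
  // voucher pays over the previous one, or throws if any policy is violated.
  authorizeVoucher({ channelId, amount, nonce }) {
    const ch = this.channels.get(channelId);
    if (!ch) throw new Error(`unknown channel ${channelId}`);
    const amt = BigInt(amount);
    const n = BigInt(nonce);
    if (n <= ch.lastNonce) throw new Error(`nonce ${n} not greater than last ${ch.lastNonce}`);
    const delta = amt - ch.lastAmount;
    if (delta <= 0n) throw new Error('cumulative amount must increase');
    if (delta > this.maxPerRequest) throw new Error(`request cost ${delta} exceeds per-request cap ${this.maxPerRequest}`);
    if (amt > this.maxPerChannel) throw new Error(`channel total ${amt} exceeds per-channel cap ${this.maxPerChannel}`);
    if (this.totalSpent + delta > this.maxTotal) throw new Error(`total ${this.totalSpent + delta} exceeds session cap ${this.maxTotal}`);
    if (!this.approve('spend', { channelId, delta: delta.toString(), nonce: n.toString() })) {
      throw new Error('spend not approved');
    }
    ch.lastAmount = amt;
    ch.lastNonce = n;
    this.totalSpent += delta;
    this.log.push({ action: 'spend', channelId, delta: delta.toString(), nonce: n.toString() });
    return delta;
  }
}

// Demo on constructed values: caps of 200000 per request, 1000000 per channel and
// 1500000 per session; the approver records every prompt and accepts (a real one would ask).
function demoGuard() {
  const approvals = [];
  const guard = new SpendingGuard({
    maxPerRequest: 200000, maxPerChannel: 1000000, maxTotal: 1500000,
    approve: (action) => { approvals.push(action); return true; },
  });
  guard.openChannel('0xaaa', 1000000);
  const first = guard.authorizeVoucher({ channelId: '0xaaa', amount: '150000', nonce: '1' });  // pays 150000
  const second = guard.authorizeVoucher({ channelId: '0xaaa', amount: '160000', nonce: '2' }); // pays 10000
  let rejected = null;
  try { guard.authorizeVoucher({ channelId: '0xaaa', amount: '400000', nonce: '3' }); } // 240000 > cap
  catch (e) { rejected = e.message; }
  let replay = null;
  try { guard.authorizeVoucher({ channelId: '0xaaa', amount: '170000', nonce: '2' }); } // stale nonce
  catch (e) { replay = e.message; }
  return { first, second, rejected, replay, approvals: approvals.length, totalSpent: guard.totalSpent };
}
```

The guard only needs to sit between the agent's request and the signing call; because a rejected voucher throws before any state changes, a burst of agent retries cannot creep past the caps, and the log gives the monitoring the advisory asks for.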
If the npm package or its dependencies are compromised or differ from the documented behavior, the configured wallet and paid requests could be abused.
The documentation directs users to install a global external npm package and configure it with a wallet private key, but the supplied artifact set contains no package code for review.
`npm install -g drain-mcp` ... `"DRAIN_PRIVATE_KEY": "0x_your_polygon_wallet_private_key"`
Verify the npm package, repository, version, and integrity before installing; inspect the code if possible; avoid main-wallet keys; and run it in an isolated environment.
Prompts, files, or other request content sent through this MCP may be visible to the selected provider.
Requests and payment vouchers are sent to marketplace provider URLs. This is expected for the marketplace model, but it means prompts and request data may go to third-party providers.
`POST {provider.apiUrl}/v1/chat/completions ... X-DRAIN-Voucher: {"channelId":"0x...","amount":"150000","nonce":"1","signature":"0x..."}`
Review provider identity and documentation before sending sensitive data, and avoid using confidential prompts unless you trust the provider and its privacy practices.
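Because the voucher in that header is a signed payment authorisation and the request body goes to whichever provider was selected, a wrapper can check both before anything leaves the machine. The following is an added example, not drain-mcp code: it allows only providers on an explicit allowlist reached over HTTPS, refuses to attach a channel's voucher to a request for a different provider, and refuses request content that looks like a credential. The provider URLs, channel binding and request bodies are constructed for the demo; the voucher fields follow the advisory's example.

```javascript
// Added example (not part of drain-mcp): pre-send checks for a paid request.

// channelId -> base apiUrl the channel was opened against (constructed for the demo)
const TRUSTED_PROVIDERS = new Map([
  ['0xchannelA', 'https://provider-a.example'],
]);

// Cheap signatures for material that should never appear in a prompt.
const SECRET_PATTERNS = [
  { name: 'evm-private-key', re: /\b0x[0-9a-fA-F]{64}\b/ },
  { name: 'pem-private-key', re: /-----BEGIN [A-Z ]*PRIVATE KEY-----/ },
  { name: 'aws-access-key-id', re: /\bAKIA[0-9A-Z]{16}\b/ },
  { name: 'bearer-token', re: /\b[Bb]earer\s+[A-Za-z0-9._~+/-]{20,}/ },
];

function findSecrets(text) {
  return SECRET_PATTERNS.filter((p) => p.re.test(text)).map((p) => p.name);
}

// Returns { allowed, reasons } for the request the skill is about to send.
function checkOutbound({ apiUrl, path, body, voucher }) {
  const reasons = [];
  let url;
  try { url = new URL(path, apiUrl); }
  catch { return { allowed: false, reasons: ['invalid provider URL'] }; }

  if (url.protocol !== 'https:') reasons.push(`plaintext transport ${url.protocol}`);

  const bound = TRUSTED_PROVIDERS.get(voucher.channelId);
  if (!bound) reasons.push(`no trusted provider for channel ${voucher.channelId}`);
  else if (new URL(bound).origin !== url.origin) {
    reasons.push(`voucher for ${voucher.channelId} must not go to ${url.origin}`);
  }

  const text = typeof body === 'string' ? body : JSON.stringify(body);
  const secrets = findSecrets(text);
  if (secrets.length) reasons.push(`request content contains ${secrets.join(', ')}`);

  return { allowed: reasons.length === 0, reasons };
}

// Demo with constructed requests.
function demoOutbound() {
  const voucher = { channelId: '0xchannelA', amount: '150000', nonce: '1', signature: '0xsig' };
  const path = '/v1/chat/completions';
  const prompt = { messages: [{ role: 'user', content: 'Summarise this incident report.' }] };
  const leaky = { messages: [{ role: 'user', content: 'Sign with key 0x' + 'ab'.repeat(32) }] };
  return {
    ok: checkOutbound({ apiUrl: 'https://provider-a.example', path, body: prompt, voucher }),
    wrongProvider: checkOutbound({ apiUrl: 'https://provider-b.example', path, body: prompt, voucher }),
    plaintext: checkOutbound({ apiUrl: 'http://provider-a.example', path, body: prompt, voucher }),
    leak: checkOutbound({ apiUrl: 'https://provider-a.example', path, body: leaky, voucher }),
  };
}
```

The secret patterns are deliberately narrow so the check does not block ordinary prompts; the point is to stop the worst case, the wallet key or another credential being pasted into a request that a third-party provider will store, while the origin check stops a signed voucher from being replayed to a provider the channel was never opened with.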
