x402 Private Search Review
Audited by ClawScan on May 10, 2026.
Overview
The skill matches its stated x402 paid-search purpose, but it can automatically sign crypto payments for arbitrary endpoints without visible price or service limits.
Install only if you are comfortable with a tool that can sign x402 payments from a wallet. Use a dedicated low-balance Base Sepolia wallet, verify the service URL and price before each request, avoid sensitive search terms, and do not reuse valuable private keys.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent is pointed at a costly or untrusted x402 endpoint, the wallet may sign and pay without the user reviewing the payment terms first.
The script accepts an arbitrary URL, registers the wallet signer, and uses payment-wrapped fetch automatically. The artifacts do not show a max spend, recipient allowlist, network restriction, or explicit approval before payment signing.
const url = args[0]; ... registerExactEvmScheme(client, { signer }); const fetchWithPayment = wrapFetchWithPayment(fetch, client); ... const response = await fetchWithPayment(url, fetchOpts);
Require explicit user confirmation for each payment, enforce a maximum price and expected network, and restrict payments to trusted service URLs.
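One way to implement that recommendation, as an added example that is not the skill's code: a gate that probes the endpoint with an unpaid request, checks the 402 payment offer against a host allowlist, expected network, price cap and recipient allowlist, and asks for confirmation before handing the request to a payment-enabled fetch such as the one returned by wrapFetchWithPayment. The 402 body layout assumed here (an accepts array with network, maxAmountRequired and payTo) and every host, address and amount are constructed assumptions, not values from the skill or the x402 libraries.

```javascript
// Spend-policy gate in front of a payment-enabled fetch (added example, not the skill's code).
// Assumption: the 402 body is JSON with an "accepts" array of offers carrying
// network, maxAmountRequired (atomic units, as a string) and payTo.
const POLICY = {
  allowedHosts: new Set(["search.example.test"]),                        // constructed
  expectedNetwork: "base-sepolia",
  maxAtomicAmount: 10000n,                                               // 0.01 at 6 decimals
  allowedPayTo: new Set(["0x000000000000000000000000000000000000beef"]), // constructed
};

// Pure policy check: returns { ok, reason } so the decision can be logged or tested.
function evaluatePayment(url, requirement, policy = POLICY) {
  const host = new URL(url).hostname;
  if (!policy.allowedHosts.has(host)) return { ok: false, reason: `host ${host} not allowlisted` };
  if (requirement.network !== policy.expectedNetwork)
    return { ok: false, reason: `unexpected network ${requirement.network}` };
  let amount;
  try { amount = BigInt(requirement.maxAmountRequired); }
  catch { return { ok: false, reason: "unparseable amount" }; }
  if (amount > policy.maxAtomicAmount)
    return { ok: false, reason: `price ${amount} exceeds cap ${policy.maxAtomicAmount}` };
  const payTo = String(requirement.payTo || "").toLowerCase();
  if (!policy.allowedPayTo.has(payTo)) return { ok: false, reason: "recipient not allowlisted" };
  return { ok: true, reason: "within policy" };
}

// plainFetch never signs anything; payingFetch is only reached after the offer
// passes policy and confirm() (an interactive prompt in practice) returns true.
function makeGuardedFetch(plainFetch, payingFetch, confirm, policy = POLICY) {
  return async function guardedFetch(url, opts = {}) {
    const probe = await plainFetch(url, opts);
    if (probe.status !== 402) return probe;           // free response, nothing to sign
    const offer = await probe.json();
    const requirement = (offer.accepts || [])[0];
    if (!requirement) throw new Error("402 without payment requirements");
    const verdict = evaluatePayment(url, requirement, policy);
    if (!verdict.ok) throw new Error(`payment refused: ${verdict.reason}`);
    if (!(await confirm(url, requirement))) throw new Error("payment declined by user");
    return payingFetch(url, opts);                    // library re-requests with a signed payment
  };
}
```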
Anyone or any process with access to the private key can spend from that wallet; reusing a valuable wallet would increase the risk.
The skill uses an EVM private key for payment signing. This is purpose-aligned, but it is sensitive authority and is under-declared by the registry metadata, which lists no primary credential or required environment variables.
export X402_PRIVATE_KEY=$(cat ~/.x402-client/wallet.key) ... Or pass `--key-file ~/.x402-client/wallet.key` to each request.
Use a dedicated low-balance Base Sepolia wallet, do not reuse mainnet or personal keys, protect the key file, and declare the credential requirement in metadata.
A compromised or unexpectedly changed dependency could affect how wallet signing or paid requests are handled.
The user-directed setup installs external npm packages using version ranges, so future dependency updates could change payment-signing behavior outside the reviewed artifacts.
"dependencies": { "@x402/fetch": "^2.3", "@x402/evm": "^2.3", "viem": "^2.0" } ... npm install --quiet
Pin exact dependency versions, provide a lockfile, and install only after reviewing the package sources.
Search queries and paid requests are sent to an external, changing service endpoint, which may not be appropriate for sensitive searches.
The known search gateway is a transient Cloudflare tunnel. This is disclosed, but the endpoint identity and stability are weak for a paid search provider.
URL: `https://nicholas-hopefully-plumbing-troubleshooting.trycloudflare.com` ... `This URL is a quick Cloudflare tunnel and may change on service restart.`
Verify the service operator and price before use, and avoid sending sensitive queries unless you trust the gateway.
