x402 Private Web Tools
Advisory
Audited by static analysis on May 10, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Impact: An agent or user could cause the funded wallet to pay for requests, potentially outside the intended gateway or beyond the intended budget.
Finding: The CLI accepts a URL and automatically signs payment responses, but the reviewed code does not show a domain allowlist, price ceiling, or user confirmation before payment.
Evidence: Usage: node x402-fetch.mjs <url> ... Automatically handles 402 Payment Required responses by signing USDC payments.
Recommendation: Use a dedicated low-balance wallet, require explicit approval for paid calls, and add a maximum price and allowed-domain check before signing x402 payments.

Impact: The wallet key is financial authority; if overused, mishandled, or exposed to unreviewed tooling, the wallet's USDC/ETH balance could be spent or lost.
Finding: The skill requires access to a funded EVM private key even though the registry metadata declares no primary credential and no required environment variables.
Evidence: export X402_PRIVATE_KEY=$(cat ~/.x402-client/wallet.key)
Recommendation: Do not use a primary wallet. Treat the key as a high-value credential, keep only small balances, and declare the credential requirement clearly in metadata and setup instructions.

Impact: A compromised, changed, or incorrectly scoped external MCP package could receive the funded wallet key and perform paid actions.
Finding: The optional MCP path installs an unpinned global npm package not included in the reviewed artifact set and then runs it with the wallet private key.
Evidence: npm install -g x402-tools-mcp ... X402_PRIVATE_KEY=0x... x402-tools-mcp
Recommendation: Pin and review the MCP package before use, avoid passing a funded key to unreviewed global packages, and prefer the included local scripts with a low-balance wallet.

Impact: A user may send funds to the wrong network or believe testnet funds are sufficient for a mainnet paid service.
Finding: The wallet generator and its funding instructions reference Base Sepolia (the Base testnet, eip155:84532). This conflicts with SKILL.md and references/services.md, which describe Base mainnet payments; the mismatch could mislead users into funding or troubleshooting the wrong network.
Evidence: console.log(`Network: Base Sepolia (eip155:84532)`); ... Get Base Sepolia ETH
Recommendation: Correct the wallet generator and documentation so they consistently state the intended network, and require users to verify the chain before funding.

Impact: The remote service can receive the queries and URLs submitted for search, scraping, or screenshots, even if the provider claims not to log them.
Finding: Search queries, scrape target URLs, and screenshot target URLs are sent to an external gateway; the zero-logging claim is not verifiable from the supplied artifacts.
Evidence: Gateway: `https://search.reversesandbox.com` ... Zero logging, no API keys, no accounts.
Recommendation: Avoid sending sensitive or private URLs/queries unless you trust the gateway's privacy practices; the skill should document data handling and retention more clearly.
