Agentic Commerce Relay
Verdict: Suspicious. Audited by ClawScan on May 10, 2026.
Overview
This skill asks an agent to run an unreviewed crypto relay with a wallet private key to move USDC, while its metadata declares no credentials or included executable code.
Review this carefully before installing. Only use it with a dedicated low-balance wallet, never a main wallet private key. Inspect the actual relay code before running it, verify official CCTP contract addresses and destination details, and require manual approval for each transaction.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked with a real wallet key, a mistake or bad parameter could move or burn funds on-chain in a way that may be irreversible.
The instructed workflow can initiate irreversible blockchain settlement using a private key and configurable chain/contract parameters, but the artifacts do not define user approval, amount caps, recipient checks, or address allowlists.
Use this skill when you need to settle USDC across CCTP-supported chains ... PRIVATE_KEY=0x... ... node scripts/cctp-bridge.js ... AMOUNT (default `1000000`, 1 USDC with 6 decimals)
Require explicit user approval for every transaction, show amount/source/destination/recipient/contract addresses before signing, use allowlisted official CCTP addresses, and use dry-run or simulation where possible.
A wallet private key can authorize transactions from that wallet, not just this one relay operation.
The skill requires a raw wallet private key, a highly privileged credential, while the registry metadata states there are no required env vars and no primary credential.
Required env: `SRC_RPC`, `DST_RPC`, `PRIVATE_KEY`
Do not use a main wallet private key. Use a dedicated low-balance hot wallet, document the credential requirement in metadata, and prefer scoped signing flows or hardware/manual approval.
Users cannot inspect what code would actually run with their wallet key or whether it calls only the intended contracts.
The supplied artifact set has only SKILL.md and no code files, but the skill depends on referenced scripts and integrations. Because those missing files would handle private keys and financial transactions, the provenance gap is material.
From the repo root: ... node scripts/cctp-bridge.js ... This repo includes optional modules under `integrations/`
Provide the referenced scripts and lockfiles for review, pin dependencies, publish a verifiable source repository, and avoid running absent or unreviewed helper code with private keys.
Using the optional discovery feature may disclose payment-discovery metadata to Moltbook or another configured base URL.
The optional discovery module uses an external provider and API key for counterparty discovery. This is purpose-aligned, but users should recognize that payment-related discovery queries may leave the local environment.
MOLTBOOK_API_KEY=... MOLTBOOK_BASE_URL=https://www.moltbook.com node scripts/discovery-moltbook.cjs --submolt usdc --sort new --tag payment
Use a dedicated Moltbook API key, verify the base URL, and avoid sending sensitive counterparty or payment details unless needed.
