Skill v1.0.0
ClawScan security
Ntriq X402 Alt Text · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 16, 2026, 12:00 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's stated purpose (WCAG alt text) matches its instructions, but it requires sending images and a payment header to an external service while declaring no credentials — a mismatch that raises privacy and operational concerns.
- Guidance: This skill appears to do what it says (generate alt text) but it requires you to pay per call and to send image data to a third-party endpoint. Before installing: (1) Ask the publisher how the X-PAYMENT header is obtained and stored — the skill metadata does not declare any credential or env var for that token. Avoid pasting private payment keys into an agent prompt. (2) Consider privacy: any image you send (including base64) will go to x402.ntriq.co.kr — confirm their data-retention and sharing policy and whether images are stored. (3) If you need offline or privacy-preserving processing, prefer a local alt-text solution or a provider with a documented auth flow. (4) Verify TLS and domain authenticity and test with non-sensitive images and a small payment before sending real data. If the publisher cannot explain how payments are securely handled (and how to supply the X-PAYMENT header without exposing secrets), treat the skill as risky.
Review Dimensions
- Purpose & Capability: ok. Name/description (alt text generator) match the instructions: POST an image (URL or base64) to the provider and receive WCAG-compliant alt_text and description. No unrelated capabilities or creds are requested.
- Instruction Scope: concern. Runtime instructions direct the agent to upload image data (URL or base64) to https://x402.ntriq.co.kr/alt-text and to include an X-PAYMENT header. Uploading arbitrary images to a third-party service can leak private or sensitive images; the SKILL.md does not constrain what can be uploaded or warn about privacy. The payment header requirement is referenced but not explained (how to obtain/populate it), creating ambiguity in agent behavior.
- Install Mechanism: ok. Instruction-only skill with no install spec or code files; nothing is written to disk and no third-party packages are installed, which is low-risk from an install perspective.
- Credentials: concern. SKILL.md requires an X-PAYMENT header for a paid call but the registry metadata lists no required environment variables or primary credential. This is an inconsistency: the agent will need a payment token/secret but the skill doesn't declare where it should come from. That gap could lead the agent to prompt the user for a sensitive payment token or to handle it insecurely.
- Persistence & Privilege: ok. `always` is false and there is no install-time persistence or modification of other skills. The skill does not request elevated or permanent presence.
