Ntriq X402 Compliance Check Batch
ReviewAudited by ClawScan on May 10, 2026.
Overview
The skill is a coherent paid compliance-analysis API, but users should review it because it sends texts to an external service despite ambiguous “local inference” wording and uses a USDC payment header.
Before using this skill, confirm that you are comfortable paying $9.00 USDC per call and sending the selected texts to x402.ntriq.co.kr. Treat the “100% local inference” statement as unclear unless the provider explains whether processing is local to your device or only local to their infrastructure.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Potentially sensitive business, legal, or compliance text could be sent to the provider even if the wording makes the processing location sound local.
The “100% local inference” claim is ambiguous because the documented workflow sends the texts to a remote provider endpoint. Users may incorrectly believe their compliance text stays local to their own machine.
Analyze up to 500 text inputs for compliance violations in one call. Flat $9.00 USDC. 100% local inference on Mac Mini. POST https://x402.ntriq.co.kr/compliance-check-batch
Clarify whether “local” means provider-side processing or user-device processing, and avoid sending confidential text unless you trust the provider and understand its data handling.
Calling the service can spend $9.00 USDC per request.
The skill requires an x402 payment header that can authorize a USDC payment. This is expected for the paid API and the price is disclosed, but it is still spend authority.
X-PAYMENT: <x402-payment-header> - Price: $9.00 USDC flat - Network: Base mainnet (EIP-3009 gasless) - Protocol: x402
Only provide or approve the payment header when you intend to buy the compliance check, and confirm wallet/payment prompts before use.
Private or regulated text included in the request may be exposed to the external provider.
The intended API request transmits user-provided text content to the external service for analysis. This is purpose-aligned, but the artifact does not describe retention, privacy, or secondary use.
"texts": [ "We collect user emails for marketing without explicit consent.", "All data is encrypted at rest using AES-256." ]
Avoid submitting sensitive or confidential content unless the provider’s privacy and retention terms are acceptable.