Skill v1.0.0

ClawScan security

Ntriq X402 Compliance Check Batch · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review: Apr 16, 2026, 12:00 PM
Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary
The skill's documentation is internally inconsistent (claims local inference but instructs a POST to a remote API) and it requires a payment header without declaring how credentials or wallet keys are obtained, so the design is unclear and warrants caution.
Guidance
Do not install or invoke this skill without clarifying the following:
1. Confirm whether analysis truly runs locally or if data is sent to x402.ntriq.co.kr; the SKILL.md currently contradicts itself.
2. Ask the provider how to generate the X-PAYMENT header: will you need to sign with a wallet private key (never share private keys) or will the payment be handled via a secure wallet/UI?
3. Never paste or send sensitive personal, medical, or regulated data until you have a privacy/retention policy and guarantees about deletion.
4. Verify the x402 service (homepage, reputation, contact, and documentation) and test with non-sensitive dummy data first.
5. If the provider cannot explain the payment flow without requesting private keys or unexplained credentials, do not proceed.
If you need help vetting their docs or composing questions to the vendor, provide them and I can help.

Review Dimensions

Purpose & Capability
concern: The README claims "100% local inference on Mac Mini" but the runtime instructions explicitly tell callers to POST user texts to https://x402.ntriq.co.kr/compliance-check-batch. That is a direct contradiction: either inference is local or it is a remote API. The skill also requires a payment header (X-PAYMENT) for a crypto payment flow yet the skill metadata declares no credentials or wallet integration; this mismatch is unexplained and disproportionate to a simple 'batch compliance' description.
Instruction Scope
concern: Instructions are narrowly focused on sending up to 500 texts to a third-party endpoint and including an X-PAYMENT header. This means potentially sensitive data will be transmitted off-device. The SKILL.md does not describe how to obtain or produce the X-PAYMENT header, how the endpoint handles/retains data, nor any privacy or retention guarantees. That ambiguity expands the effective scope and raises privacy/exfiltration concerns.
Install Mechanism
ok: There is no install spec and no code files; the skill is instruction-only, so nothing new is written to disk or installed by the skill itself.
Credentials
concern: The skill declares no required environment variables or credentials, yet it requires an X-PAYMENT header and references crypto payment on Base mainnet (EIP-3009). Either the caller must produce a signed payment token (which implies wallet private keys or a signing service) or a user must supply a payment header/token manually. The absence of declared env vars or guidance for secure signing is disproportionate and unclear.
Persistence & Privilege
ok: The skill does not request persistent presence (always: false) and does not attempt to modify other skills or system settings according to the provided metadata.