Ntriq X402 Invoice Extract

Review

Audited by ClawScan on May 10, 2026.

Overview

The skill is a paid invoice-extraction API, but it claims “no cloud upload” while instructing the agent to send invoice images or URLs to a remote service.

Review this skill before installing. Only use it for invoices you are comfortable sharing with ntriq’s remote service, verify the provider’s privacy and retention policy, and set clear approval or spending limits for the $0.03 USDC x402 payments.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A user may believe invoice images stay local when the documented workflow can send them to the provider’s remote service.

Why it was flagged

The skill claims there is no cloud upload, but its documented workflow sends invoice data to a remote HTTPS endpoint, including the option to POST a base64-encoded invoice image.

Skill content

“Local AI vision, no cloud upload, no API key” ... “POST https://x402.ntriq.co.kr/invoice-extract” ... “image_base64”

Recommendation

Clarify whether images are uploaded, fetched, stored, retained, or processed remotely, and remove or qualify the “no cloud upload” claim unless it is accurate from the user’s perspective.

What this means

Invoices may contain sensitive business, tax, customer, and payment information that could be exposed to the remote service without clear handling guarantees.

Why it was flagged

The skill asks the agent to provide invoice images or image URLs to an external provider, but the artifact does not define data boundaries such as retention, access, reuse, or deletion.

Skill content

“image_url” ... “URL of invoice/receipt image” and “image_base64” ... “Base64-encoded invoice image”

Recommendation

Use only invoice images you are willing to share with the provider, and require clear privacy, retention, and deletion terms before using this with sensitive documents.

What this means

Each invocation may authorize a small crypto payment, and repeated calls could accumulate charges.

Why it was flagged

The x402 payment header is expected for this paid service, but it represents wallet/payment authority and can spend USDC per call.

Skill content

“X-PAYMENT: <x402-payment-header>” and “Price: $0.03 USDC per call” on “Base mainnet”

Recommendation

Ensure the agent asks before paid calls where appropriate, and use wallet/payment controls or spending limits for x402 payments.