Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
payment-402
v1.0.1Access protected APIs and digital resources via the x402 "Payment Required" protocol on Base L2. This skill automates cryptographic handshakes and USDC micro...
⭐ 0· 117·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The SKILL.md and the included scripts clearly require a CLIENT_PRIVATE_KEY and Bun to operate and use @paynodelabs/sdk-js to perform x402 handshakes and on-chain payments — this is coherent with the skill's described purpose. However, the registry metadata at the top of the record says "Required env vars: none" and "Primary credential: none", which contradicts the explicit required_env_vars and primary_credential declared in SKILL.md and used by the code. The source/homepage is also missing, which reduces provenance.
Instruction Scope
The runtime instructions and scripts stick to the payment flow: checking balances, minting test tokens (sandbox), requesting a protected resource and resolving 402 challenges via PayNode. They do not attempt to read unrelated host files or external secrets. However, the skill explicitly requires a private key and allows signing/broadcasting transactions; SKILL.md warns about thresholds and autonomous usage, but that capability is powerful and must be treated carefully.
Install Mechanism
This package is provided as source with a package.json and SKILL.md that instructs 'bun install'. The registry metadata claimed 'No install spec / instruction-only', which is inconsistent. Installing pulls dependencies from npm-like registries (@paynodelabs/sdk-js, ethers, dotenv) — expected for this function but moderate-risk compared to instruction-only skills. No suspicious download URLs or archive extracts were observed.
Credentials
The only secret requested is CLIENT_PRIVATE_KEY, which is necessary to sign payments and therefore proportionate to the stated purpose. The concern is twofold: (1) the registry metadata omitted this requirement (inconsistency), and (2) the skill requires the user to place a raw private key in a .env file — a sensitive practice. The SKILL.md does advise using a burner wallet and sets a human-approval threshold (>2 USDC), but those are guidance rather than enforced platform controls.
Persistence & Privilege
The skill does not request 'always: true' or elevated platform persistence. It can be invoked autonomously (platform default), which combined with the ability to sign and broadcast transactions increases risk, but autonomy itself is normal and expected for skills. There is no evidence the skill modifies other skills or system-wide settings.
What to consider before installing
This skill appears to implement the described PayNode x402 flow and uses the PayNode SDK and ethers — that is consistent with its purpose. However: (1) the registry metadata omits the fact that the skill requires a CLIENT_PRIVATE_KEY and Bun even though SKILL.md and the scripts require them; this discrepancy reduces trust and you should ask the publisher to correct the metadata and provide a verifiable source/homepage. (2) The skill requires a private key and will sign and broadcast transactions. Only use a dedicated burner wallet with minimal funds (as the README suggests), and never supply keys for your primary/mainnet wallet. (3) Test thoroughly on the provided sandbox/testnet (Base Sepolia) before any mainnet use. (4) Verify the dependency @paynodelabs/sdk-js is legitimate (check registry/package homepage) to avoid typosquatting. (5) If you need stronger controls, require manual human confirmation for any transaction (do not allow autonomous use) or run the skill in an isolated environment. If you are not comfortable with these risks or the missing provenance, do not install until metadata and source are clarified.Like a lobster shell, security has layers — review code before you run it.
-deprecatedvk97e1vkq4zn47zq33e7v338fkd83gz5ydeprecatedvk97fcwhme428jmjxd14rwsyzp183hvhblatestvk97e1vkq4zn47zq33e7v338fkd83gz5yweb3 payment base-l2 x402 zero-trust autonomous-agentvk97fcwhme428jmjxd14rwsyzp183hvhb
License
MIT-0
Free to use, modify, and redistribute. No attribution required.