Spraay Payments
Warn
Audited by ClawScan on May 10, 2026.
Overview
This is a coherent Spraay integration, but it can direct an agent to make wallet-funded crypto payments and other paid gateway actions without explicit guardrails, so users should review it before use.
Install only if you are comfortable with your agent using Spraay's gateway for crypto and paid x402 requests. Use a limited wallet, verify the gateway URL, and require manual confirmation for every transfer, swap, approval, scheduled action, upload, and outbound message.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken prompt, address, token, amount, or chain could cause unintended crypto payments or notifications.
The documented workflow has the agent proceed to a batch crypto payment and outbound notifications, but the artifacts do not specify a mandatory confirmation step or transaction limits before high-impact financial actions.
Agent steps:
1. Resolve any ENS/Basename addresses via `/api/resolve`
2. Get current USDC price via `/api/price?symbol=USDC` (confirm peg)
3. Send batch payment via `/api/batch-payment`
4. Check tx status via `/api/tx-status`
5. Send confirmation emails via `/api/email/send`
Require explicit user approval immediately before every payment, swap, approval, scheduled payment, and outbound message; show recipient, amount, token, chain, fees, and destination first.
The agent may incur paid gateway charges or use wallet authority in ways the user did not explicitly review.
This indicates delegated wallet/payment authority for paid calls, but the artifacts do not define per-call approval, spend caps, or which wallet/account is authorized.
Payments are made per-request via x402 (HTTP 402 → pay → retry). Your agent's wallet handles this automatically if you have a Coinbase CDP wallet or any x402-compatible facilitator.
Use a dedicated low-balance wallet, set spending limits where possible, and require confirmation before retrying paid x402 requests.
If used, scheduled jobs or payment templates could keep acting after the original task is finished.
The skill documents endpoints that can create continuing or future actions, including scheduled payments and cron jobs.
`/api/cron/create` | POST | Create scheduled job
...
`/api/webhook/register` | POST | Register webhook listener
...
`/api/schedule/payment` | POST | Schedule future payment
...
`/api/template/execute` | POST | Execute template
Only create schedules, webhooks, or templates on explicit request, record what was created, and provide a review/delete step after setup.
Sensitive payment details, reports, messages, or AI prompts could be shared with third-party services when those endpoints are used.
The skill discloses that prompts, messages, files, and blockchain requests may be routed to external providers.
AI inference — Pay-per-query AI chat via OpenRouter
...
Email/XMTP messaging — Send payment confirmations and notifications
...
IPFS storage — Pin files to IPFS via Pinata
...
RPC relay — Access 7 chains via Alchemy
Do not send confidential files, personal data, or private business details unless you intend to share them with the named providers and recipients.
Users have less provenance information to assess who maintains the skill and gateway instructions.
The registry metadata does not identify a source repository for this payment-focused skill, although the provided artifacts themselves do not show hidden install code.
Source: unknown
Verify the publisher, homepage, and gateway URL before use, especially because the skill involves payments.
