Hypha Payment
Warn. Audited by ClawScan on May 10, 2026.
Overview
This skill is coherently about Hypha agent payments, but it can direct real USDT transfers and handles wallet seed/private-key material without enough safety guardrails.
Review carefully before installing or using this with real funds. Use testnet first, pin and verify the Hypha SDK, generate wallet secrets securely, do not paste or pass seed phrases through command-line examples, and require explicit confirmation for every payment, escrow, or task-completion action.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone who obtains the seed phrase may be able to recreate the wallet identity and control funds associated with it.
The setup script accepts the wallet-controlling seed as a command-line argument and prints it. SKILL.md states that one seed controls the agent identity and wallet, so this can expose a payment credential through shell history, process listings, logs, or console output.
seed_phrase = sys.argv[1]
...
print(f" Seed Phrase: {seed_phrase}")
...
print(f' agent = Agent(seed="{seed_phrase}")')

Do not use a human-readable or reused seed for real funds. Generate high-entropy secrets securely, avoid passing them on the command line, do not print them, and document credential handling in the registry metadata.
An agent following these instructions could initiate payment or escrow actions with the wrong recipient, amount, network, or task terms.
The skill documents direct USDT payment and escrow-hiring actions, but does not instruct the agent to get explicit user approval, verify the recipient, show transaction details, enforce limits, or provide a dry-run before moving funds.
result = wallet.send_payment(to="0xRecipientAddress", amount_usdt=5.00)
...
escrow_id = await agent.hire(
    peer="0xProviderAddress",
    amount=10.0,

Require an explicit user confirmation step before any payment, escrow creation, or release; display recipient, amount, network, fee, contract address, and reversibility before execution.
Users may attempt mainnet payments or rely on contracts that are not actually documented as deployed for mainnet.
The reference says the system is testnet-only, while SKILL.md advertises Base L2 USDT settlement and shows a `https://mainnet.base.org` payment example. This mismatch can mislead users about production readiness and real-funds safety.
### Mainnet (Base) - TBD — testnet only for now
Make the skill clearly testnet-only until mainnet contracts are published, and keep examples defaulted to testnet unless the user explicitly opts into mainnet.
The actual wallet and transaction behavior depends on code outside the provided artifacts.
The skill depends on an external, unpinned SDK package for wallet, discovery, and payment behavior. This is purpose-aligned, but the reviewed artifacts do not include the SDK code or a pinned version/hash.
pip install hypha-sdk
Install only a verified version of `hypha-sdk`, review its source before using real funds, and pin the package version in setup instructions.
A user or agent could trust incorrect peer information and send task details or funds to the wrong party.
The skill uses P2P/DHT discovery for agent information. That is central to the purpose, but discovered peer data and wallet addresses should be treated as untrusted unless identity verification is defined elsewhere.
DHT Configuration
- **Protocol**: Kademlia
- **Discovery Topic**: `hypha-agents`
- **Key Format**: `hypha:{topic}` → JSON array of agent info dicts

Verify peer identity and wallet addresses out-of-band or with cryptographic signatures before sharing sensitive task details or making payments.
