xClaw02
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: xclaw02
Version: 0.1.0
The OpenClaw AgentSkills skill bundle for 'xclaw02' is classified as benign. The skill's purpose is to facilitate x402 stablecoin payments, which inherently involves handling sensitive information like private keys and performing network transactions. However, the `SKILL.md` documentation provides clear instructions for the AI agent that are directly aligned with this stated purpose, including explicit security advice such as never exposing private keys, using environment variables for credentials, and always confirming payment amounts with the user. There is no evidence of prompt injection attempting to subvert the agent's behavior, no instructions for unauthorized data exfiltration beyond the payment protocol, and no signs of malicious execution, persistence, or obfuscation.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used carelessly, the agent could spend the user's crypto funds on the wrong URL, amount, network, or recipient.
The skill can trigger real USDC payments to external resources. The instruction is purpose-aligned and includes confirmation and max-amount guidance, so this is a noteworthy capability rather than a concern.
"Pay for this API" | Use `xclaw02 pay <url> --max-amount <amount>` - always confirm amount with user first
Confirm the exact URL, price, token, network, recipient, and spending limit before allowing any payment command.
Anyone or any tool with access to the private key may be able to authorize payments from the wallet.
The skill uses a private key to sign x402 payments. That is expected for a crypto-payment skill, but the private key is sensitive account authority.
`const signer = await createSigner('eip155:8453', process.env.XCLAW02_PRIVATE_KEY);`
Use a dedicated low-balance wallet, store keys securely, avoid sharing mnemonics/private keys, and set conservative max payment amounts.
Installing or running the wrong package version could expose wallet configuration or execute unreviewed code locally.
The setup depends on external npm/Python packages that are not included in the reviewed artifact and are not pinned in the instructions. This is common for CLI integrations, but users should verify package provenance before using it with wallet keys.
npx xclaw02 openclaw init ... pip install xclaw02
Install only from trusted package registries, verify the publisher/repository, prefer pinned versions where possible, and do not load a high-value wallet into unreviewed tooling.
