Agentic Commerce - Buy IRL Items With USDC
Suspicious
Audited by ClawScan on May 10, 2026.
Overview
The skill’s shopping purpose is coherent, but it can accept raw crypto private keys and submit mainnet payments from remote API-generated transactions with limited verification.
Treat this as a high-risk payment skill. Searching products is low risk, but do not provide a private key or let an agent run buy-and-sign scripts unless you have reviewed the exact transaction, trust the Purch API, and are comfortable with an irreversible USDC payment.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user or agent could submit an irreversible crypto payment without independently verifying exactly what the transaction does.
The script signs and submits a transaction returned by the remote Purch API using the provided private key, without displaying or validating the decoded recipient, amount, or contract actions before submission.
const txResult = await signAndSendTransaction(orderResult.serializedTransaction, options.privateKey, options.rpcUrl || clusterApiUrl("mainnet-beta"))
Require explicit user confirmation, decode and display transaction details, verify amount/recipient against the order, and avoid allowing agents to run the payment-signing path autonomously.
If the private key is exposed through command history, process listings, tool logs, or misuse, wallet funds could be at risk.
The checkout flow asks for a raw wallet private key, which grants broad authority over the wallet and is not limited to a single purchase by the artifact itself.
--private-key <key> Hex private key 0x... for signing (required)
Use wallet-native signing, hardware wallets, or secure prompts instead of command-line private keys; declare this credential requirement clearly and scope signing to a reviewed transaction.
Purch will receive information needed to identify and ship to the buyer.
The script sends buyer email, wallet address, and shipping address to the Purch API, which is expected for checkout but involves sensitive personal data leaving the local environment.
payload = { "email": email, "walletAddress": wallet_address, "shippingAddress": shipping_address } ... f"{BASE_URL}/buy"
Only provide this data when you intend to create a real order, and review Purch’s privacy and refund/order policies before use.
Future dependency changes or compromised packages could affect code that handles wallet signing.
The documented setup installs payment-signing dependencies without version pins or a lockfile in the provided artifacts.
pip install solana solders base58 ... bun add @solana/web3.js bs58 ... bun add viem
Pin dependency versions, use a lockfile, and install from trusted package registries before using the signing scripts.
