v1.0.1

Agentic Commerce - Buy IRL Items With USDC

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 4:56 AM.

Analysis

The skill is coherent for shopping and crypto checkout, but it handles real shipping details and raw wallet private keys and can automatically sign and submit payments.

Guidance: Review carefully before installing or using. Treat this as a real-money checkout tool: do not provide a main wallet private key, use a low-balance wallet, verify product and total before signing, and understand that your shipping and contact information will be sent to api.purch.xyz.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: High | Confidence: High | Status: Concern
scripts/buy_and_sign.ts
console.log("🔐 Signing and submitting transaction..."); const txResult = await signAndSendTransaction(orderResult.serializedTransaction, options.privateKey, options.rpcUrl || clusterApiUrl("mainnet-beta"));

The script signs and broadcasts the serialized transaction returned by the remote purchase API immediately after creating an order; the artifacts show no transaction-detail review or separate confirmation step before broadcast.

User impact: If the wrong product, amount, recipient, or API response is used, the user could authorize an irreversible crypto payment.
Recommendation: Use a wallet-based checkout or limited-balance wallet, verify the product and total before signing, and add or require an explicit transaction preview/confirmation before broadcasting.
Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
SKILL.md
pip install solana solders base58 ... bun add @solana/web3.js bs58 ... bun add viem

The documented helper-script dependencies are installed without pinned versions. These packages are relevant to the stated blockchain signing purpose, but users should install them intentionally and from trusted package registries.

User impact: Dependency versions may change over time, which can affect the behavior or security of the signing helpers.
Recommendation: Pin and review dependency versions before using the signing scripts, especially on a machine that handles wallet keys.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High | Confidence: High | Status: Concern
scripts/buy_and_sign.ts
--private-key <key>     Base58 private key for signing (required) ... keypair = Keypair.fromSecretKey(keyBytes); ... transaction.sign([keypair]);

The helper requires a raw wallet private key and uses it to sign transactions. That is expected for the crypto checkout purpose, but it is high-impact wallet authority and is not scoped to a spend limit or safer signing interface.

User impact: Providing a private key exposes the user's full wallet authority to the local command and to any transaction it signs.
Recommendation: Do not paste a primary wallet private key. Use a dedicated low-balance wallet, hardware/wallet-app signing where possible, and move funds to a fresh wallet if a private key was exposed.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Medium | Confidence: High | Status: Note
scripts/buy.ts
const BASE_URL = "https://api.purch.xyz"; ... email: string; walletAddress: string; shippingAddress: ShippingAddress; ... body: JSON.stringify(params)

The order-creation flow sends buyer email, wallet address, and shipping address to the Purch API. This is necessary for checkout and shipping, but it is sensitive personal data going to an external service.

User impact: The external API receives the personal delivery and contact information needed to fulfill the order.
Recommendation: Only use the skill if you are comfortable sharing shipping details with api.purch.xyz, and avoid sending unnecessary personal information.