Skill v1.0.3

ClawScan security

Clawtar · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 14, 2026, 10:55 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
This is an instruction-only demo that matches its description: it teaches an agent how to detect a 402/Cashu paywall and either use cocod (with explicit user permission) or ask the human for a token to retry the request.
Guidance
This skill appears to do what it says: it's a demo flow for Cashu-gated HTTP requests. Before installing or using it, consider: (1) The skill will ask you for permission before spending — do not grant permission unless you understand the cost and trust the endpoint. (2) If you allow the agent to install or run cocod, verify cocod's source and integrity (downloading/executing third-party binaries has risk). (3) Any Cashu token you provide is a spending credential—treat it like money and only paste it into trusted endpoints. (4) If you do not want autonomous spending, refuse install/permission requests and instead provide tokens manually when needed. Additional confidence would come from a known source/homepage or included code (this is an instruction-only demo with no provenance), so exercise usual caution when granting payment permissions.

Review Dimensions

Purpose & Capability
ok: The name/description (Cashu paywall handling) align with the SKILL.md: it documents detecting HTTP 402, reading x-cashu, settling via cocod or a user-supplied token, and retrying with X-Cashu. The skill does not request unrelated credentials or system access.
Instruction Scope
note: Instructions are narrowly scoped to making the POST to the specified endpoint, reading the response header, and either calling cocod or asking the user for a token. The SKILL.md explicitly advises asking user permission before spending. It does suggest installing/using cocod (an external payment tool), which will require the agent to perform a network download and execute a separate binary if the human allows it. The skill itself does not include or run that code.
Install Mechanism
note: There is no automated install spec (instruction-only). However, the doc links an external cocod resource (https://clawhub.ai/Egge21M/cocod). If you choose to follow that path, review cocod's source and distribution before installing; the skill does not itself download or install anything.
Credentials
ok: The skill declares no environment variables, no credentials, and no config paths. Asking the human for a Cashu token is appropriate for the described purpose, but any token the user supplies grants spending power and should be treated sensitively.
Persistence & Privilege
ok: The skill is not always-enabled, does not request persistent system-wide changes, and contains no code that modifies other skills or agent settings. It relies on runtime prompts to the user for permission to spend or to install additional tooling.