ClawHub

aremes-catalog

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill is transparent about being a commerce catalog tool, but its instructions include order creation and a crypto payment flow without clear approval guardrails.

Before installing, decide whether you want your agent to interact with this merchant’s checkout/order APIs. Do not let it create purchase intents, verify orders, or make crypto payments unless you have explicitly approved the exact product, price, recipient, and contact information.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

#
ASI02: Tool Misuse and Exploitation
Medium
What this means

An agent following these instructions could create checkout/order records, and an agent with separate wallet or payment capability could be led into an irreversible payment step.

Why it was flagged

The documented workflow includes financial/payment and order-creation actions, but the artifact does not show a requirement for explicit user approval, amount limits, or final review before these steps.

Skill content
x402 Payment flow... "2. Send the quoted USDC amount on Base to `payTo` address" ... Tool 5 ... "Record a Stripe-based purchase intent, creating a pending order with a checkout URL"
Recommendation

Use this only with explicit user confirmation before any purchase-intent, verification, checkout, or crypto transfer; verify product ID, license tier, amount, recipient, and buyer email first.

#
ASI07: Insecure Inter-Agent Communication
Low
What this means

Buyer contact details or notes could be shared with the external merchant service when creating a purchase intent.

Why it was flagged

The skill sends buyer contact and optional organization/message details to an external commerce endpoint. This is disclosed and purpose-aligned, but it is still a user-data transfer.

Skill content
POST https://ryanseslow.com/wp-json/rsmad/v1/purchase-intent ... `buyer_email` ... `buyer_name` ... `buyer_org` ... `message`
Recommendation

Only provide contact details you intend to share with the merchant, and avoid sending unrelated private information in the message field.