v1.0.3

x402 Lotto

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 8:19 AM.

Analysis

This lottery skill is purpose-aligned, but it involves crypto-wallet payment authority and ticket purchases without declared credentials or clear per-purchase limits.

Guidance: Review carefully before installing or using. This skill should only be used with a dedicated low-balance wallet, explicit per-purchase approval, and clear limits on lottery, ticket count, and maximum USDC spend.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: High | Confidence: High | Status: Concern
SKILL.md
| `/api/tickets` | POST | Purchase ticket |

Uses x402 protocol — EIP-712 off-chain signing, no gas fees. USDC on Base (8453).

The documented POST endpoint performs a paid ticket purchase using crypto payment signing. The instructions do not define confirmation requirements, spend limits, ticket quantity limits, or safeguards around this high-impact action.

User impact: An agent using this skill could spend funds on lottery tickets if it is given wallet access and asked, or allowed, to purchase tickets.
Recommendation: Require a clear user confirmation step that states lottery name, price, currency, network, ticket count, and total spend before any purchase request is made.
Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: Medium | Status: Note
SKILL.md
import { wrapFetchWithPayment, decryptKey } from '@x402/evm';

The usage example depends on an external package that is not installed or pinned by the skill artifact. This is not evidence of automatic execution, but users would need to verify the package source and version before using it with a wallet key.

User impact: Copying the example may introduce unreviewed third-party code into a wallet-payment workflow.
Recommendation: Install wallet/payment dependencies only from verified sources, pin versions, and avoid using them with a high-value wallet.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High | Confidence: High | Status: Concern
SKILL.md
const wallet = decryptKey(process.env.KEY);
const fetch = wrapFetchWithPayment(wallet);

The skill instructs use of an environment-provided wallet key to create a payment-capable fetch client. A private wallet key is sensitive financial authority, and the artifacts do not bound which key, wallet, or spending authority should be used.

User impact: If configured with a real wallet key, the agent may be able to authorize payments from that wallet.
Recommendation: Use only a dedicated low-balance wallet, require explicit approval for every payment, and declare the needed credential/env var clearly before installation or use.