Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
X402engine
v1.3.2
Pay-per-call API gateway skill — calls 63 APIs (LLMs, image/video gen, flights, hotels, crypto, web search) via x402 micropayments. Each call costs $0.001-$0...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description, required binaries (node), and installed packages (@x402/fetch, @x402/evm, viem) align with a payment-aware API gateway. The code uses an EVM private key to sign payments as expected. No unrelated credentials or binaries are requested.
Instruction Scope
The runtime fetches a remote service catalog (default https://x402engine.app/.well-known/x402.json) and uses that catalog to call arbitrary paid endpoints. The skill will read EVM_PRIVATE_KEY (or EVM_PRIVATE_KEY_FILE) and will write a state file (default .x402engine-state.json). Policy enforcement is present in code but only applied if a policy path is provided; autopreflightCheck returns 'bypassed' when no policy path is configured, meaning calls may proceed without local spend caps unless you explicitly configure X402_POLICY_PATH (CLI commands default to POLICY.example.json but programmatic invocation may not). The discovery/catalog mechanism and remote endpoints could cause the agent to contact and pay arbitrary external paygates; this is expected functionality but increases risk and deserves explicit user control.
Install Mechanism
Install uses npm packages from the public registry (package.json/package-lock.json list @x402/* and viem). No arbitrary downloads or extract-from-URL steps are present. This is a standard Node.js dependency footprint; however, install pulls a nontrivial dependency tree (see package-lock) so standard supply-chain considerations apply.
Credentials
The single required environment secret is EVM_PRIVATE_KEY (primary credential), which is coherent with the skill's purpose (signing micropayments). However, this is a high-privilege secret: possession of the private key allows on-chain transfers and signing. The SKILL.md does advise using a dedicated, limited-funds wallet, which you should follow. The skill also optionally reads EVM_PRIVATE_KEY_FILE and will read/provision policy/state paths; these are reasonable but increase attack surface if misconfigured.
Persistence & Privilege
always:false (good), but disable-model-invocation is false (default), so the agent may autonomously call this skill. Combined with a configured EVM_PRIVATE_KEY, that means the agent could autonomously sign and submit on-chain payments. The skill stores state to disk and may write policy/state files; it does not modify other skills. If you allow autonomous invocation and provide a funded key, you accept risk of automated spend unless you configure strict policy controls and use a dedicated wallet.
What to consider before installing
This skill does what it says — it will sign and submit on-chain micropayments using the EVM private key you provide. Before installing or enabling it:
1) Never supply your main wallet private key. Create a dedicated wallet with minimal funds for this skill.
2) Configure a local policy file and set X402_POLICY_PATH (point to a vetted policy) so spend caps and recipient allowlists are enforced; by default the code may bypass policy checks if no policy path is provided.
3) Consider setting X402_STATE_PATH to a controlled location and review POLICY.example.json (recipient allowlist, per-tx and daily caps).
4) Audit or host the discovery catalog yourself (set X402_DISCOVERY_URL or X402ENGINE_ORIGIN to a self-hosted catalog) so you control which paygates/services can be called.
5) If you do not want autonomous spending, prevent agent auto-invocation of skills (disable model invocation for this skill if the platform supports it) or do not provide EVM_PRIVATE_KEY as an env var; prefer ephemeral keys or manual signing workflows.
6) Because the skill will install third-party npm packages, run npm install in an isolated environment and review dependencies if you’re concerned about supply-chain risk.
If you need help with concrete safe defaults (example policy that enforces allowlist and strict caps), ask and provide your preferred chains/assets and budget limits.
Like a lobster shell, security has layers — review code before you run it.
latest: vk971d0yt77jp1fsn4q6br4pwxs823hw8
Runtime requirements
⚡ Clawdis
Bins: node
Env: EVM_PRIVATE_KEY
Primary env: EVM_PRIVATE_KEY
Install
Node
npm i -g @x402/fetch
npm i -g @x402/evm
npm i -g viem