v0.1.0

ChaosChain ACE (Phase 0)

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 5:41 AM.

Analysis

The skill is coherent and openly about x402 API payments, but it would let an agent spend wallet funds through session keys, so it needs careful review before installation.

Guidance: Only install this if you are comfortable giving the agent bounded authority to spend wallet funds on x402 API calls. Use a separate low-balance wallet, strict caps, short TTLs, exact package pins, and a clear way to revoke session keys.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium. Confidence: High. Status: Concern.
SKILL.md
Use when an agent needs autonomous API payments ... Execute first x402 call using the SDK interceptor.

The workflow permits agent-driven payment calls through an SDK interceptor after initial policy setup, but the artifact requires explanation rather than explicit approval for each payment.

User impact: The agent may make paid API calls automatically within the configured policy, which can create real spending without a separate confirmation step each time.
Recommendation: Require per-payment confirmation for higher-value calls, verify the exact endpoint and price before payment, and keep spend limits low until the workflow is proven safe.

Agentic Supply Chain Vulnerabilities
Severity: Low. Confidence: High. Status: Note.
SKILL.md
npm install @chaoschain/ace-session-key-sdk@0.1.x ethers@6

The skill depends on external npm packages that are not included in the artifact and are specified with version ranges rather than exact locked versions.

User impact: A different compatible package version could be installed later, and the reviewed artifact does not show the SDK code that would handle wallet payments.
Recommendation: Install from a verified source, pin exact package versions with a lockfile, and review the SDK before authorizing wallet-funded session keys.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High. Confidence: High. Status: Concern.
SKILL.md
pay x402-gated APIs with bounded wallet-funded session keys

This delegates wallet-funded payment authority to an agent session key, which is sensitive financial authority even when bounded by policy.

User impact: If configured incorrectly or used too broadly, the agent could spend funds from a wallet within the allowed limits.
Recommendation: Use a separate low-balance wallet, set very small per-transaction and daily caps, require short TTLs, and confirm there is a clear revocation process before use.