Skill v0.0.2

ClawScan security

Ordiscan · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 23, 2026, 7:36 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's code, runtime instructions, and required secrets are coherent with its stated purpose (signing x402 USDC payments on Base to pay Ordiscan), but it requires a sensitive private key so users should only proceed if they trust the skill and understand the payment flow.
Guidance
This skill legitimately needs a private key so it can sign x402 USDC payment authorizations — that is sensitive: only install/use it if you trust the skill source. Before using: (1) prefer an ephemeral or low-value wallet/key (do not reuse a high-value private key); (2) verify the recipient/payTo address printed by the signer before approving (the script logs the 'To' address and amount to stderr); (3) be aware that signing an ERC-3009 TransferWithAuthorization authorizes the payee to claim the stated USDC amount, so double-check the Payment-Required header content; (4) note the script will contact a Base RPC (BASE_RPC_URL defaults to https://mainnet.base.org) — if you want to control RPC trust, set BASE_RPC_URL to an RPC you trust; (5) confirm ~/.evm-wallet.json (if used) comes from a trusted wallet skill. If any of these are unacceptable, do not provide a private key to this skill.

Review Dimensions

Purpose & Capability
ok · The skill's name/description (Ordiscan x402 payments) matches what it requires: a signer (X402_PRIVATE_KEY or wallet file) and node, or an alternative wallet tool (awal). The included signing script implements EIP-3009-style TransferWithAuthorization for USDC on Base, which is necessary to produce the Payment-Signature header described in SKILL.md.
Instruction Scope
note · SKILL.md instructs the agent to read the user's X402_PRIVATE_KEY or, if unset, to extract a private key from ~/.evm-wallet.json (explicitly declared). Those actions are sensitive but directly related to signing payments. The instructions also run npm install to pull 'viem' and optionally call 'awal' if present; they do not reference unrelated system files or external endpoints beyond the Ordiscan API and an RPC URL.
Install Mechanism
ok · This is instruction-only with a small included script and a package.json depending on 'viem'. There is no arbitrary URL download or extract step; dependencies are installed via npm (expected for a node-based signer).
Credentials
note · The skill requires a single sensitive secret (X402_PRIVATE_KEY) and optionally reads ~/.evm-wallet.json; both are proportional to the described signing purpose. One minor mismatch: the script also honors BASE_RPC_URL (optional), but SKILL.md/metadata do not list it as a declared env var; this is low-risk but should be documented. No unrelated credentials are requested.
Persistence & Privilege
ok · The skill does not request persistent/always-on inclusion and does not attempt to modify other skills or system-wide configuration. It simply provides a signing helper that runs on demand.