x402-development

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This is a coherent instruction-only guide for x402 crypto payments, but it naturally involves private keys, transaction signing, and automatic payment flows that users should control carefully.

Install/use this skill only if you intend to develop x402 payment flows. Do not provide production private keys unless you have strong controls; start on testnets, use dedicated low-balance wallets, set spending limits, and review any code that automatically pays after an HTTP 402 response.

Static analysis

Exposed secret literal

Severity: Critical
Finding: File appears to expose a hardcoded API secret or token.
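The kind of check behind an "exposed secret literal" finding, as an added example; this is not ClawScan's scanner. For a skill that documents EVM_PRIVATE_KEY, APTOS_PRIVATE_KEY and FACILITATOR_KEY, the distinction that matters is between a key name next to a string literal (the key is in the file), a 32-byte hex literal next to a key name (the key itself is in the file), and a reference to the environment, which is how the skill intends the key to be supplied. The sample source lines are constructed for the example and the hex value is a repeating pattern, not a real key.

```javascript
// Added example, not ClawScan's scanner. Flags hardcoded signing keys while
// letting environment references (the documented way to supply them) pass.
const KEY_NAMES = ["EVM_PRIVATE_KEY", "APTOS_PRIVATE_KEY", "FACILITATOR_KEY"];
const HEX_32_BYTES = /0x[0-9a-fA-F]{64}\b/;                      // raw secp256k1 / ed25519 seed as hex
const ENV_REFERENCE = /process\.env\.|os\.environ|getenv\(|\$[A-Z_]+|\$\{[A-Z_]+\}/;
const LITERAL_ASSIGNMENT = /[=:]\s*["'`]/;                       // NAME = "...", NAME: '...', etc.

function scanLine(line, lineNo) {
  const keyName = KEY_NAMES.find((n) => line.includes(n));
  const hasHexKey = HEX_32_BYTES.test(line);
  const assignsLiteral = LITERAL_ASSIGNMENT.test(line);
  const refersToEnv = ENV_REFERENCE.test(line);

  if (hasHexKey && keyName) {
    return [{ lineNo, severity: "critical", reason: `${keyName} hardcoded as a 32-byte hex literal` }];
  }
  if (hasHexKey) {
    // A bare 64-hex literal could also be a tx hash or block hash: report, do not block.
    return [{ lineNo, severity: "medium", reason: "64-hex literal; confirm it is not a private key" }];
  }
  if (keyName && assignsLiteral && !refersToEnv) {
    return [{ lineNo, severity: "high", reason: `${keyName} assigned a string literal` }];
  }
  return [];
}

function scanSource(text) {
  return text.split("\n").flatMap((line, i) => scanLine(line, i + 1));
}

// Constructed sample source; the hex "key" on line 2 is a repeating pattern.
const SAMPLE_SOURCE = [
  "const signer = process.env.EVM_PRIVATE_KEY;",            // 1: env reference, passes
  "EVM_PRIVATE_KEY=0x" + "0123456789abcdef".repeat(4),      // 2: hardcoded key, critical
  'APTOS_PRIVATE_KEY: "replace-me-before-prod",',           // 3: placeholder literal, high
  "// set FACILITATOR_KEY in .env, never in this file",     // 4: comment only, passes
  'const txHash = "0x' + "f".repeat(64) + '";',              // 5: hash-shaped literal, medium
].join("\n");
```

Run `scanSource(SAMPLE_SOURCE)` and lines 2, 3 and 5 are reported at critical, high and medium respectively; lines 1 and 4 produce nothing. The medium tier exists because a 64-hex literal alone is ambiguous, which is the main source of false positives in this class of check.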

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A funded key used with generated code can authorize real on-chain payments or facilitator transactions.

Why it was flagged

The skill declares private signing keys used to authorize wallet payments or facilitator actions.

Skill content
EVM_PRIVATE_KEY (optional) - EVM signer key for x402 client/server.
APTOS_PRIVATE_KEY (optional) - Aptos signer for x402 on Aptos.
FACILITATOR_KEY (optional) - Self-hosted facilitator signing key.
Recommendation

Use dedicated testnet or low-balance wallets, avoid sharing production private keys with general agents, and set explicit spending and network limits.

What this means

If this wrapper is pointed at untrusted endpoints with no limits in place, an agent or app will pay whatever a 402 response asks for, to whatever endpoint returned it, with no human in the loop.

Why it was flagged

The documented client wrapper can automatically create a signed payment when a paid endpoint returns HTTP 402.

Skill content
const response = await api.get("http://localhost:4021/weather");
// Payment handled automatically on 402 response
Recommendation

Require user confirmation or enforce budgets, maximum prices, trusted facilitator URLs, and endpoint allowlists before enabling automatic payment clients.
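The controls listed in that recommendation, as an added example placed in front of a pay-on-402 client; this is not code from the skill or from the x402 SDK. The policy gate is a pure function so it can be audited and tested without a network, and the fetch wrapper only signs after the gate passes. Assumptions made here: the 402 body is parsed into an object with `network`, `maxAmountRequired` and optionally `facilitator` (the real x402 payment-requirements shape must be parsed per the spec version in use), `signPayment` is caller-supplied and returns the value for the payment header, and the header name `X-PAYMENT` is taken from x402 v1. Amounts are atomic units of the asset, so for 6-decimal USDC 10_000 is 0.01 USDC.

```javascript
// Added example, not the skill's client wrapper: a policy gate that must pass
// before a 402 is paid automatically.
const deny = (reason) => ({ allowed: false, reason });

// Operator policy, fixed before automatic payment is enabled.
const examplePolicy = {
  allowedNetworks: new Set(["base-sepolia"]),                       // testnet only while developing
  allowedEndpoints: new Set(["localhost:4021"]),                     // host[:port] of paid APIs
  trustedFacilitators: new Set(["https://facilitator.example.test"]), // assumed facilitator origin
  maxPricePerRequest: 10_000n,                                       // atomic units of the asset
  budget: 100_000n,                                                  // total this wallet may spend
  confirmAbove: 1_000n,                                              // ask a human above this
};

function newSpendState() {
  return { spent: 0n };
}

// Pure decision function: everything a reviewer needs to audit is in one place.
function evaluatePaymentRequest(policy, state, url, requirement) {
  const host = new URL(url).host;
  if (!policy.allowedEndpoints.has(host)) return deny(`endpoint ${host} not allowlisted`);
  if (!policy.allowedNetworks.has(requirement.network)) return deny(`network ${requirement.network} not allowed`);
  if (requirement.facilitator && !policy.trustedFacilitators.has(requirement.facilitator)) {
    return deny(`facilitator ${requirement.facilitator} not trusted`);
  }
  let amount;
  try { amount = BigInt(requirement.maxAmountRequired); } catch { return deny("unparseable amount"); }
  if (amount <= 0n) return deny("non-positive amount");
  if (amount > policy.maxPricePerRequest) return deny(`price ${amount} exceeds per-request cap`);
  if (state.spent + amount > policy.budget) return deny("budget exhausted");
  return { allowed: true, amount, needsConfirmation: amount > policy.confirmAbove };
}

// fetch-like wrapper: pays only when the gate allows, and records the spend before
// the retry so a crash mid-retry cannot leave the budget under-counted.
async function guardedFetch(fetchImpl, policy, state, { signPayment, confirm }, url, init = {}) {
  const first = await fetchImpl(url, init);
  if (first.status !== 402) return first;
  const requirement = await first.json();                           // assumed JSON 402 body
  const verdict = evaluatePaymentRequest(policy, state, url, requirement);
  if (!verdict.allowed) throw new Error(`refusing to pay ${url}: ${verdict.reason}`);
  if (verdict.needsConfirmation && !(await confirm(url, verdict.amount))) {
    throw new Error(`payment of ${verdict.amount} to ${url} declined`);
  }
  const paymentHeader = await signPayment(requirement);              // caller-supplied signer
  state.spent += verdict.amount;
  const headers = { ...(init.headers || {}), "X-PAYMENT": paymentHeader }; // x402 v1 header name
  return fetchImpl(url, { ...init, headers });
}
```

With this policy a 500-unit request to localhost:4021 on base-sepolia is paid without prompting, a 5,000-unit request is paid only after `confirm` returns true, and a mainnet network, an unlisted host, an unknown facilitator, a price above the cap or an exhausted budget are each refused before anything is signed.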

What this means

Persistent maximum approvals increase the impact of future misuse or compromised signing flows.

Why it was flagged

The EVM documentation includes a standard but broad token approval pattern that can persist on-chain.

Skill content
Direct approval - user submits `approve(Permit2, MaxUint256)` transaction
Recommendation

Prefer limited approvals where possible, use dedicated wallets, monitor token allowances, and revoke approvals when no longer needed.
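What "prefer limited approvals" looks like at the calldata level, as an added example that is not part of the skill's EVM documentation. It hand-encodes `approve(spender, amount)` so the documented `approve(Permit2, MaxUint256)` can be compared with a bounded allowance, and goes a step further than the page by adding a wallet-side guard that refuses to sign an unlimited approval and an allowance audit for the monitoring step. The selector `0x095ea7b3` is the standard ERC-20 `approve(address,uint256)` selector; the Permit2 address is used only as a spender placeholder and should be checked against the deployment on the chain you target.

```javascript
// Added example, not from the skill: bounded vs unlimited approval in calldata,
// a signing guard, and an allowance audit. No library dependencies.
const APPROVE_SELECTOR = "095ea7b3";                 // first 4 bytes of keccak256("approve(address,uint256)")
const MAX_UINT256 = (1n << 256n) - 1n;
const PERMIT2 = "0x000000000022D473030F116dDEE9F6B43aC78BA3"; // placeholder spender; verify per chain

function word(value) {                               // 32-byte ABI word from an address or a BigInt
  const hex = typeof value === "bigint" ? value.toString(16) : value.replace(/^0x/i, "").toLowerCase();
  if (hex.length > 64) throw new RangeError("value does not fit in 32 bytes");
  return hex.padStart(64, "0");
}

function encodeApprove(spender, amount) {
  if (!/^0x[0-9a-fA-F]{40}$/.test(spender)) throw new TypeError("spender is not a 20-byte address");
  if (amount < 0n || amount > MAX_UINT256) throw new RangeError("amount out of uint256 range");
  return "0x" + APPROVE_SELECTOR + word(spender) + word(amount);
}

// Parse approve() calldata back into { spender, amount }; null for any other call.
function decodeApprove(calldata) {
  const hex = calldata.replace(/^0x/i, "").toLowerCase();
  if (hex.length !== 8 + 64 + 64 || !hex.startsWith(APPROVE_SELECTOR)) return null;
  return {
    spender: "0x" + hex.slice(8 + 24, 8 + 64),       // last 20 bytes of the first word
    amount: BigInt("0x" + hex.slice(8 + 64)),
  };
}

// Wallet-side signing guard: never sign an unlimited approval, or one above the cap.
// Calls that are not approve() are left to whatever other guards the wallet applies.
function approvalAllowed(calldata, maxAllowance) {
  const decoded = decodeApprove(calldata);
  if (!decoded) return { allowed: true, reason: "not an approve() call" };
  if (decoded.amount === MAX_UINT256) return { allowed: false, reason: "unlimited approval" };
  if (decoded.amount > maxAllowance) return { allowed: false, reason: `allowance ${decoded.amount} exceeds cap ${maxAllowance}` };
  return { allowed: true, reason: "bounded approval" };
}

// Bounded allowance: the expected spend over the approval window plus headroom, no more.
function boundedAllowance(expectedSpend, headroomPercent = 10n) {
  return expectedSpend + (expectedSpend * headroomPercent) / 100n;
}

// Audit over values read back with allowance(owner, spender): flag the unlimited
// ones and any above the cap so they can be revoked with approve(spender, 0).
function auditAllowances(allowances, cap) {
  return allowances
    .filter((a) => a.amount === MAX_UINT256 || a.amount > cap)
    .map((a) => ({ ...a, reason: a.amount === MAX_UINT256 ? "unlimited" : "exceeds cap" }));
}
```

`encodeApprove(PERMIT2, MAX_UINT256)` ends in 64 `f` characters, which is the pattern to look for when reviewing a transaction before signing; `encodeApprove(PERMIT2, boundedAllowance(1_000_000n))` encodes 1,100,000 instead. The cap passed to `approvalAllowed` and `auditAllowances` is a policy choice for the dedicated wallet, not a protocol constant.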

What this means

Payment metadata and signed authorizations may be sent to the configured facilitator endpoint as part of normal operation.

Why it was flagged

Payment payloads are intentionally forwarded to a facilitator service for verification and settlement.

Skill content
Server -> POST /verify to Facilitator -> POST /settle to Facilitator
Recommendation

Use trusted facilitator endpoints, prefer test networks during development, and review what payment data is forwarded in production.
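The server side of "POST /verify, then POST /settle" with that recommendation applied, as an added example that is not the skill's server code or any facilitator's API. The facilitator origin must be on an https allowlist, only the payment fields the facilitator needs are forwarded (client headers, session data and the original request body stay local), the paid work runs only after verify succeeds, and settle is attempted only after that. `postJson` is injected so the flow runs here against a constructed fake facilitator. Assumed field names: verify answers `{ isValid, invalidReason }` and settle answers `{ success, transaction, error }`; check these against the facilitator you actually use.

```javascript
// Added example, not the skill's code: trusted-facilitator check, explicit
// forwarding, and verify-before-settle ordering on the server.
function assertTrustedFacilitator(facilitatorUrl, trustedOrigins) {
  const u = new URL(facilitatorUrl);
  if (u.protocol !== "https:") throw new Error("facilitator must be reached over https");
  if (!trustedOrigins.has(u.origin)) throw new Error(`facilitator ${u.origin} is not trusted`);
  return u.origin;
}

// Allowlist, rather than forward, what leaves the server. `paymentPayload` is what the
// client sent in its payment header; `requirements` is what this server advertised.
function buildFacilitatorRequest(paymentPayload, requirements) {
  const { x402Version, scheme, network, payload } = paymentPayload;
  for (const [k, v] of Object.entries({ x402Version, scheme, network, payload })) {
    if (v === undefined) throw new Error(`payment payload missing ${k}`);
  }
  if (network !== requirements.network || scheme !== requirements.scheme) {
    throw new Error("payment does not match the advertised requirements");
  }
  return { x402Version, paymentPayload: { scheme, network, payload }, paymentRequirements: requirements };
}

// Returns a status the HTTP layer maps to a response. A settle failure after the
// resource was computed is reported separately so the resource can be withheld.
async function verifyThenSettle(postJson, facilitatorUrl, trustedOrigins, paymentPayload, requirements, serveResource) {
  const origin = assertTrustedFacilitator(facilitatorUrl, trustedOrigins);
  const body = buildFacilitatorRequest(paymentPayload, requirements);
  const verification = await postJson(`${origin}/verify`, body);
  if (!verification.isValid) return { status: "rejected", reason: verification.invalidReason };
  const resource = await serveResource();                // paid work only after a valid payment
  const settlement = await postJson(`${origin}/settle`, body);
  if (!settlement.success) return { status: "settle-failed", reason: settlement.error };
  return { status: "settled", transaction: settlement.transaction, resource };
}

// Constructed fake facilitator for running this offline: accepts one known signature
// and records which endpoints were called.
function fakeFacilitator(validSignature) {
  const calls = [];
  const postJson = async (url, body) => {
    calls.push(url);
    const ok = body.paymentPayload.payload.signature === validSignature;
    if (url.endsWith("/verify")) return ok ? { isValid: true } : { isValid: false, invalidReason: "bad signature" };
    if (url.endsWith("/settle")) return ok ? { success: true, transaction: "0xabc" } : { success: false, error: "bad signature" };
    throw new Error(`unexpected url ${url}`);
  };
  return { postJson, calls };
}
```

Against the fake, a valid payment produces two calls (`/verify` then `/settle`) and a settled result; an invalid one produces a single `/verify` call, no resource work and a rejected result. An `http://` facilitator URL or an origin outside the allowlist is refused before anything is forwarded.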