v2.0.2

LocalSquare - Local Business Ads

Benign

ClawScan verdict for this skill. Analyzed May 1, 2026, 5:42 AM.

Analysis

This skill is coherently about buying a public LocalSquare ad pin, but it involves wallet signing, payment, and public business listing data that users should approve carefully.

Guidance: Use this only if you want an agent to help purchase a LocalSquare ad pin. Before approving, verify the website, facilitator, recipient address, network, amount, town, and square position; never provide raw private keys; and understand that submitted business contact details may become public and indexed.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium; Confidence: High; Status: Note
SKILL.md
ALWAYS confirm with the user before making any payment.

The artifact documents a paid claim workflow and correctly gates it on explicit user confirmation, making the payment action purpose-aligned but still high-impact enough to notice.

User impact: The agent may help initiate a paid API action that reserves a square and creates an ad pin.
Recommendation: Only approve claims you intentionally requested, and confirm the town, cell position, price, and total number of squares before payment.

Cascading Failures
Severity: Medium; Confidence: High; Status: Note
SKILL.md
Every pin creates a searchable webpage with structured data that appears in Google search results AND AI assistant responses.

A single claim can publish business information into search and AI-visible surfaces, which is intended for advertising but can be persistent and broadly visible.

User impact: Business details submitted for a pin may become publicly indexed and difficult to fully retract from search results.
Recommendation: Use business contact information only, review the listing content before publishing, and make sure the business owner wants public indexing.

Human-Agent Trust Exploitation
Severity: Low; Confidence: High; Status: Note
SKILL.md
This early adopter pricing won't last forever.

The artifact uses urgency-oriented promotional wording around a paid transaction; this is disclosed marketing language rather than hidden behavior.

User impact: A user could feel pressured to make a payment before independently evaluating the service and pricing claims.
Recommendation: Treat pricing and SEO claims as promotional; verify the service, terms, and value before approving any payment.

Agentic Supply Chain Vulnerabilities
Severity: Low; Confidence: High; Status: Note
metadata
Source: unknown; Homepage: none

The registry metadata lacks source and homepage provenance while the skill asks users to interact with an external payment-backed service.

User impact: Users have less registry-level provenance to rely on when deciding whether to trust the external service.
Recommendation: Verify the LocalSquare domain, x402 facilitator details, terms, and payment recipient through trusted channels before signing.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium; Confidence: High; Status: Note
SKILL.md
Required capabilities: Crypto wallet with USDC on Base network (chain ID 8453), external wallet signing

The skill requires access to a wallet-signing flow that can authorize spending funds, even though it instructs users to keep private keys out of the agent.

User impact: A wallet approval can spend USDC if the amount or recipient is wrong.
Recommendation: Use only an external wallet signer, never paste private keys, and verify the recipient, network, and amount in the wallet prompt before approving.