LobPay
Warn. Audited by ClawScan on May 10, 2026.
Overview
The skill matches its payment purpose, but it stores a raw wallet private key/API key locally and can execute purchases without built-in confirmation or spend limits.
Use this skill only with a dedicated low-balance wallet and a restricted LobPay API key. Set LOBPAY_API_URL explicitly, review the merchant and amount before every purchase, and avoid giving it a mainnet wallet or high-value private key unless you have added your own approval and spend-limit controls.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Any local process or person that can read the config file may be able to use the wallet key or LobPay API key, potentially spending funds or acting as the agent.
The registration command stores a raw EVM wallet private key and API key in ~/.lobpay/config.json. Those credentials can authorize payments and are much more sensitive than ordinary configuration.
fs.writeFileSync(CONFIG_FILE, JSON.stringify({
  agentName,
  address: agentAddress.toLowerCase(),
  privateKey,
  apiKey,
  registeredAt: new Date().toISOString()
}, null, 2))

Use only a dedicated low-balance wallet and restricted API key, secure ~/.lobpay permissions, and prefer a signer/wallet flow that does not persist raw private keys.

A mistaken or overbroad invocation could submit a real payment or purchase for the wrong product, quantity, merchant, or amount.
The quick-buy flow proceeds from checkout directly to an automatic X402 payment request based only on product ID and quantity. The artifacts do not show a required user confirmation, spend limit, or explicit verification of the final X402 payment challenge before signing.
console.log('\n2️⃣ Executing X402 payment...')
const purchaseRes = await fetchWithPayment(`${API_BASE}/api/v1/agents/purchase`, {
  method: 'POST',
  body: JSON.stringify({
    items: [{ product_id: productId, quantity }]
  }),

Require explicit user approval after displaying merchant, network, token, and total amount; add spend caps and validate the X402 challenge against checkout data before signing.

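Added here as an example, not code from the LobPay skill or from ClawScan: a guard that implements the recommendation above, run after checkout and before the X402 challenge is signed. It assumes the challenge is surfaced to the caller as an object with payTo, amount, network and asset fields and that the checkout response carries merchant, total, network and asset; those field names and the spend caps are assumptions.

```javascript
// Added example (not the LobPay skill's own code): a guard to run between
// checkout and the X402 signing step. It compares the payment challenge with the
// checkout data, enforces per-purchase and daily spend caps, and requires an
// explicit approval before anything is signed. The challenge and checkout field
// names (payTo, amount, network, asset, merchant, total) are assumptions.

// Constructed caps, in base units of a 6-decimal token (5.00 and 20.00).
const policy = { maxPerPurchase: 5000000n, maxPerDay: 20000000n }

function normalizeAddress(a) {
  return typeof a === 'string' ? a.trim().toLowerCase() : ''
}

// Parse an integer base-unit amount; anything unparsable becomes -1n (fail closed).
function toBigIntOrNeg(v) {
  try { return BigInt(v) } catch { return -1n }
}

// Check the server's X402 challenge against what the user saw at checkout.
function validateChallenge(challenge, checkout, spentToday, limits = policy) {
  const reasons = []
  const amount = toBigIntOrNeg(challenge.amount)
  if (amount <= 0n) reasons.push('amount is not a positive integer')
  if (normalizeAddress(challenge.payTo) !== normalizeAddress(checkout.merchant))
    reasons.push('payTo does not match checkout merchant')
  if (challenge.network !== checkout.network) reasons.push('network mismatch')
  if (normalizeAddress(challenge.asset) !== normalizeAddress(checkout.asset))
    reasons.push('asset mismatch')
  if (amount > 0n && amount !== toBigIntOrNeg(checkout.total))
    reasons.push('amount differs from checkout total')
  if (amount > limits.maxPerPurchase) reasons.push('exceeds per-purchase cap')
  const spent = toBigIntOrNeg(spentToday)
  if (spent < 0n || amount + spent > limits.maxPerDay) reasons.push('exceeds daily cap')
  return { ok: reasons.length === 0, reasons }
}

// Summary shown to the user before approval: merchant, network, token, amount.
function describePayment(c) {
  return `Pay ${c.amount} base units of ${c.asset} to ${c.payTo} on ${c.network}`
}

// approve(summary) returns true only on explicit consent; in a CLI it would
// prompt via readline instead of being injected as it is here.
function guardPurchase(challenge, checkout, spentToday, approve, limits = policy) {
  const check = validateChallenge(challenge, checkout, spentToday, limits)
  if (!check.ok) return { allowed: false, reasons: check.reasons }
  if (approve(describePayment(challenge)) !== true) {
    return { allowed: false, reasons: ['user declined'] }
  }
  return { allowed: true, reasons: [] }
}
```

In the skill's flow this would run before the payment is signed, with approve wired to an interactive prompt and spentToday read from a trusted local ledger.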
The skill may connect to a different endpoint than a user expects if LOBPAY_API_URL is not set explicitly.
The scripts default to localhost, while SKILL.md describes the default as https://lobpay.market. This endpoint mismatch matters because API keys and payment requests are sent to API_BASE.
const API_BASE = (process.env.LOBPAY_API_URL || 'http://localhost:3000').replace(/\s+/g, '')
Set LOBPAY_API_URL explicitly to the trusted LobPay endpoint before registering credentials or making purchases.

A future dependency resolution could install different code than the reviewer saw.
The npm dependencies use semver ranges and no lockfile is provided in the artifacts. This is common, but payment-related code is sensitive to dependency changes.
"dependencies": {
  "@x402/fetch": "^2.0.0",
  "@x402/evm": "^2.0.0",
  "viem": "^2.0.0",
  "axios": "^1.6.0"
}

Use a lockfile or pinned versions and install dependencies only from trusted registries.

Purchase history remains on the machine, and if the local history file is modified, the feedback workflow could target an unexpected transaction.
The skill persists local transaction history under ~/.lobpay and other scripts can reuse that history, such as rating the last purchase.
history.unshift(txData)
fs.writeFileSync(historyFile, JSON.stringify(history.slice(0, 50), null, 2)) // Keep last 50

Protect the ~/.lobpay directory and verify transaction IDs before submitting feedback.
