v1.0.3

tron-x402-payment-demo

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 5:24 AM.

Analysis

This payment demo explicitly performs automatic TRON payments using a private key and an unreviewed helper, without declared credentials, spending limits, or confirmation.

Guidance: Review carefully before installing. If you test it, use only a dedicated demo wallet with minimal funds, verify the external payment helper, and require the agent to show and confirm every transaction amount and destination before signing.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: High. Confidence: High. Status: Concern.
SKILL.md
Perform the payment and resource acquisition automatically as guided by the protocol (handling 402 Payment Required, signing permits, etc.).

The workflow instructs automatic payment handling and permit signing, but does not specify user confirmation, amount caps, recipient checks, or rollback/containment.

User impact: The agent may make a payment or sign a permit without the user seeing the exact transaction terms first.
Recommendation: Add mandatory user approval for each payment, show the amount, network, recipient, and resource URL, and enforce a small maximum demo spend.

Agentic Supply Chain Vulnerabilities
Severity: Medium. Confidence: High. Status: Concern.
SKILL.md
follow the instructions provided by the `x402_payment_tron` skill

The skill delegates core payment/signing behavior to another skill that is not included in the provided artifacts or declared in the install requirements.

User impact: A separate, unreviewed skill may determine how payments are signed and submitted.
Recommendation: Declare the dependency explicitly and review the referenced payment skill before installation, especially its key handling and transaction approval behavior.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High. Confidence: High. Status: Concern.
SKILL.md
metadata: {"clawdbot":{"emoji":"🖼️","env":["TRON_PRIVATE_KEY"]

The artifact references a TRON private key, which can authorize blockchain account activity. The supplied requirements list no required environment variables, so this sensitive authority is under-declared.

User impact: Installing or invoking the skill could lead the agent to use a blockchain private key for payment-related actions.
Recommendation: Only use a dedicated low-balance demo wallet, and require explicit confirmation of the payment destination and amount before any signing or payment.