Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agentic X402

v0.2.6

Make x402 payments to access gated APIs and content. Fetch paid resources, check wallet balance, and create payment links. Use when encountering 402 Payment...

0 · 1.2k · 1 current · 3 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
The skill's name and description (make x402 payments, fetch paid resources, create payment links) align with its declared requirements: it installs an x402 CLI binary and depends on EVM_PRIVATE_KEY to sign payments. The declared dependencies and binaries are appropriate for an x402 payment CLI.
Instruction Scope
SKILL.md and the scripts instruct the agent to: create/read ~/.x402/.env, accept or generate an EVM private key, check balances, fetch arbitrary URLs, and automatically perform crypto payments via a wrapped fetch. This matches the stated purpose, but it also gives the skill the ability to (a) contact arbitrary external endpoints (the target URL and configured facilitator / links-server), and (b) initiate on-chain transactions using the provided private key. The instructions also show commands that display the private key (cat ~/.x402/.env), which is risky but not inconsistent with the tool's goal.
Install Mechanism
Install uses a published npm package (agentic-x402) which provides the x402 binary. No arbitrary download URLs or extract-from-remote archives are used. Dependencies are standard for a Node CLI interacting with EVM and network services.
Credentials
Only EVM_PRIVATE_KEY is required (declared as primaryEnv), which is necessary to sign payments. This is proportionate to making payments but very sensitive: possession of this key grants full control of the wallet. No unrelated credentials are requested. The SKILL.md recommends using a dedicated wallet and limiting funds (good).
Persistence & Privilege
always:false (no forced global inclusion). The skill can be invoked autonomously by the agent (platform default). Combined with the required private key, autonomous invocation increases blast radius, but autonomous invocation alone is normal for agent skills.
Assessment
This skill appears to be what it says: a CLI that lets an agent pay HTTP 402 charges using an EVM private key. That makes it operationally useful but also inherently risky, because the skill needs a wallet private key. Before installing or enabling it for an agent:
- Only use a dedicated wallet with minimal funds. Do NOT use your primary/main wallet private key.
- Set a low X402_MAX_PAYMENT_USD and prefer the --dry-run / --max overrides for safety.
- Start on testnet (X402_NETWORK=testnet) to verify behavior.
- Avoid storing long-term secrets in plaintext. If you must put EVM_PRIVATE_KEY in an env file, keep file permissions restricted (chmod 600) and prefer short-lived credentials supplied to the process over a key that lives on disk.
- Review the npm package source (already included here), pin a specific vetted version, and consider running the CLI in a sandbox/container.
- Note that the tool will contact external facilitator endpoints and any configured x402-links-server (e.g., 21.cash) and may submit transactions to the chain; make sure you trust those endpoints.
If you want additional assurance, run the CLI in a controlled environment, inspect its network calls during a test run, or have the package audited. Because the private key grants spending authority, exercise caution even though the package is coherent with its stated purpose.
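The instruction-scope note above points out that the skill's own docs show the key with `cat ~/.x402/.env`, and the assessment lists the mitigations (dedicated low-funded wallet, chmod 600, a low X402_MAX_PAYMENT_USD, testnet first). The script below is an added example, not code from the ClawHub page or the agentic-x402 project: it writes the env file with owner-only permissions, prints the configuration with the key redacted, and runs a preflight check an operator can gate the skill behind. It assumes the variable names EVM_PRIVATE_KEY, X402_MAX_PAYMENT_USD and X402_NETWORK are read from ~/.x402/.env as the report describes; the 5 USD cap threshold and the sample key in the comments are constructed placeholders.

```shell
#!/bin/sh
# Added example (not from the ClawHub page or the agentic-x402 project).
# Assumed: the CLI reads EVM_PRIVATE_KEY, X402_MAX_PAYMENT_USD and
# X402_NETWORK from ~/.x402/.env. X402_DIR can be overridden for testing.
set -u

X402_DIR="${X402_DIR:-$HOME/.x402}"

# Write the env file with owner-only permissions (dir 700, file 600).
# Arguments: private key, max USD per payment, network.
x402_write_env() {
  key="$1"; max_usd="$2"; network="$3"
  umask 077                      # every file created below is 600 by default
  mkdir -p "$X402_DIR"
  chmod 700 "$X402_DIR"
  # Write to a temp file and rename, so a crash never leaves a half-written key.
  tmp="$X402_DIR/.env.tmp.$$"
  printf 'EVM_PRIVATE_KEY=%s\nX402_MAX_PAYMENT_USD=%s\nX402_NETWORK=%s\n' \
    "$key" "$max_usd" "$network" > "$tmp"
  chmod 600 "$tmp"
  mv "$tmp" "$X402_DIR/.env"
}

# Show what is configured without printing the key (unlike cat ~/.x402/.env).
x402_show_env() {
  sed -e 's/^\(EVM_PRIVATE_KEY=\).*/\1<redacted>/' "$X402_DIR/.env"
}

# Return 0 only when the env file is safe to hand to an autonomous agent.
x402_preflight() {
  f="$X402_DIR/.env"
  [ -f "$f" ] || { echo "preflight: $f missing"; return 1; }
  # GNU stat first, BSD/macOS stat as the fallback.
  mode=$(stat -c '%a' "$f" 2>/dev/null || stat -f '%Lp' "$f")
  [ "$mode" = "600" ] || { echo "preflight: $f mode is $mode, want 600"; return 1; }
  key=$(sed -n 's/^EVM_PRIVATE_KEY=//p' "$f")
  case "$key" in
    0x[0-9a-fA-F]*)  # a secp256k1 key is 32 bytes: "0x" + 64 hex chars
      [ "${#key}" -eq 66 ] || { echo "preflight: key is not 32 bytes of hex"; return 1; } ;;
    *) echo "preflight: EVM_PRIVATE_KEY missing or not 0x-prefixed hex"; return 1 ;;
  esac
  max=$(sed -n 's/^X402_MAX_PAYMENT_USD=//p' "$f")
  [ -n "$max" ] || { echo "preflight: X402_MAX_PAYMENT_USD not set"; return 1; }
  # Reject caps above 5 USD (assumed policy threshold); awk handles decimals.
  awk -v m="$max" 'BEGIN { exit !(m > 0 && m <= 5) }' \
    || { echo "preflight: X402_MAX_PAYMENT_USD=$max exceeds the 5 USD policy cap"; return 1; }
  net=$(sed -n 's/^X402_NETWORK=//p' "$f")
  [ "$net" = "testnet" ] || echo "preflight: warning, X402_NETWORK=$net is not testnet"
  return 0
}
```

Run `x402_preflight` from the wrapper that launches the agent and refuse to start if it fails; `x402_show_env` is the safe replacement for the `cat` command in the skill's docs when you need to confirm what is configured.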

Like a lobster shell, security has layers — review code before you run it.

latest: vk97cdet3y75sfeq4cs1z9etyr9814xtv

Runtime requirements

Bins: x402
Env: EVM_PRIVATE_KEY
Primary env: EVM_PRIVATE_KEY

Install

Install agentic-x402 (npm)
Bins: x402
npm i -g agentic-x402