Use this skill when the user wants to purchase a virtual debit card using crypto, create a prepaid card via x402 protocol, check virtual card status, or set up an EVM wallet for card payments. Trigger on: "buy a card", "get a virtual card", "create card", "card status", "setup wallet for card", or any intent involving purchasing virtual Visa/Mastercard with cryptocurrency.
Status: Warn. Audited by ClawScan on May 10, 2026.
Overview
This skill matches its card-purchase purpose, but it asks for broad crypto-wallet authority and runs an unpinned external npm tool that can auto-upgrade in the background.
Use this only if you independently trust the npm/GitHub project. Do not provide a main wallet private key; use a dedicated BSC wallet holding only the funds needed for the card and gas. Confirm the exact amount before any purchase, and do not allow automatic upgrades while the tool holds wallet credentials.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Finding 1 of 4: wallet private key requested when it is not needed
A user could be asked to expose a wallet private key for an operation that does not need it, and that key controls all funds in the wallet.
The pre-flight flow can request and store a full wallet private key even for status checks, while the status workflow only needs an order number. A raw EVM private key grants far broader wallet control than a status lookup or a single card payment requires.
Quoted from SKILL.md: Before ANY operation (create, wallet, status) ... Ask user: "Please provide your EVM wallet private key" ... Requires an `orderNo` from a previous creation.
Recommendation: only request the private key for operations that actually sign or pay. Status checks should work with `orderNo` alone. Users should use a dedicated low-balance wallet and never provide a main wallet private key.
Finding 2 of 4: unpinned external npm package handles keys and payments
If the npm package, or a future version of it, is compromised, it could read the private key or alter payment behavior.
The skill runs an unpinned external npm package for every operation, including private-key handling and crypto payment creation, while the reviewed artifact set contains no implementation code for that package.
Quoted from SKILL.md: All operations use `npx @aeon-ai-pay/x402-card` ... `npx @aeon-ai-pay/x402-card setup --private-key 0x...`
Recommendation: pin the npm package to an exact version, provide reviewed source or a lockfile, and require explicit user approval before executing any package that handles private keys or payments.
Finding 3 of 4: unattended upgrades during wallet and payment workflows
The tool or the skill's behavior could change in the middle of a wallet or payment workflow before the user has reviewed the update.
The skill instructs the agent to start an upgrade check in the background before operations and to run the upgrade after merely informing the user, without requiring explicit approval.
Quoted from SKILL.md: Auto-upgrade skill (background, non-blocking, once per session) ... do NOT wait ... `npx @aeon-ai-pay/x402-card upgrade --check` ... run upgrade
Recommendation: remove automatic background upgrades. Check for updates only when the user asks, show what will change, and wait for explicit approval before upgrading.
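The three recommendations above (a key only for operations that sign or pay, an exactly pinned package version, and no update check or upgrade without the user asking and approving) can be enforced mechanically before the agent spawns the tool. The following is an added example written for this review page; it is not ClawScan's code and not part of the x402-card project. The package name, the subcommands setup/create/status/upgrade and the `--private-key` and `--check` flags come from the quoted SKILL.md excerpts; the version 1.2.3 is a placeholder, the mapping of the skill's "wallet" operation onto `setup`, the `policy` option names and the `{allow, reason}` result shape are assumptions made here.

```javascript
'use strict';
// Added example: a pre-flight guard for the skill's `npx` invocations.
// Package name, subcommands and the --private-key / --check flags are taken
// from the review's quoted SKILL.md excerpts; the policy option names and the
// {allow, reason} result shape are assumptions made for this example.

const PACKAGE = '@aeon-ai-pay/x402-card';

// Subcommands that sign a transaction or pay and may therefore legitimately
// receive a key. `status` only needs an orderNo, so it is deliberately absent.
// Treating the skill's "wallet" step as `setup` is an assumption.
const KEY_OPERATIONS = new Set(['setup', 'create']);

// An exact release (1.2.3, 1.2.3-rc.1): no ranges and no dist-tags such as
// "latest", which is what an unversioned `npx <pkg>` resolves to.
const EXACT_SEMVER = /^\d+\.\d+\.\d+(?:-[0-9A-Za-z.-]+)?(?:\+[0-9A-Za-z.-]+)?$/;

function deny(reason) { return { allow: false, reason }; }
function allow(reason) { return { allow: true, reason }; }

// Split "@scope/name@1.2.3" into name and version. The leading "@" of a
// scoped package is not a version separator, so only a later "@" counts.
function parseSpec(spec) {
  const at = spec.lastIndexOf('@');
  if (at <= 0) return { name: spec, version: null };
  return { name: spec.slice(0, at), version: spec.slice(at + 1) };
}

// argv is the command the agent is about to run, e.g.
//   ['npx', '@aeon-ai-pay/x402-card@1.2.3', 'setup', '--private-key', '0x...']
// policy carries harness-side state that only the user can set:
//   upgradeRequested - the user asked for an update check in this session
//   upgradeApproved  - the user saw the proposed change and approved it
//   amountConfirmed  - the user confirmed the exact purchase amount
function checkInvocation(argv, policy = {}) {
  if (argv.length < 3 || argv[0] !== 'npx') {
    return deny('expected: npx <package@version> <subcommand> [flags]');
  }
  const { name, version } = parseSpec(argv[1]);
  if (name !== PACKAGE) return deny(`unexpected package ${name}`);
  if (version === null || !EXACT_SEMVER.test(version)) {
    return deny('package version must be pinned to an exact release');
  }

  const sub = argv[2];
  const flags = argv.slice(3);
  const passesKey = flags.some(
    (f) => f === '--private-key' || f.startsWith('--private-key=')
  );

  if (passesKey && !KEY_OPERATIONS.has(sub)) {
    return deny(`${sub} neither signs nor pays; a private key must not be passed to it`);
  }
  if (sub === 'upgrade') {
    if (flags.includes('--check')) {
      return policy.upgradeRequested
        ? allow('update check requested by the user')
        : deny('update checks run only on explicit user request, never in the background');
    }
    return policy.upgradeApproved
      ? allow('upgrade approved by the user after reviewing the change')
      : deny('upgrade requires explicit user approval');
  }
  if (sub === 'create' && !policy.amountConfirmed) {
    return deny('confirm the exact amount with the user before creating a card');
  }
  return allow(`${sub} permitted`);
}

// Stand-alone demonstration: the skill's own unpinned form is refused.
console.log(checkInvocation(['npx', PACKAGE, 'status']));
```

The guard only decides whether a command may be spawned; it does not make the package itself trustworthy, which still requires reviewing the pinned version's source. One further caveat the review does not cover: a key passed as `--private-key 0x...` on the command line is visible to other local processes in the process list and may be written to shell history, so a harness that must hand over a key is better off doing so through a channel that does not appear in the argument vector.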
Finding 4 of 4: unverifiable private-key safety assurance
A user may rely on the assurance and hand over a sensitive private key without any way to verify how the external tool handles it.
The skill tells the agent to give a strong private-key safety assurance, but the actual behavior depends on an external npm CLI whose code is not among the reviewed artifacts.
Quoted from SKILL.md: "It will be stored locally at ~/.x402-card/config.json with restricted file permissions and never transmitted elsewhere."
Recommendation: avoid absolute safety claims unless the implementation is reviewable and verifiable. State clearly that users must trust the external package and should use only a dedicated, limited-funds wallet.
