USDC Escrow
WarnAudited by ClawScan on May 10, 2026.
Overview
This escrow skill is openly a payment tool, but its artifacts show unauthenticated commands that can change escrow fund states through a remote server wallet.
Review this carefully before installing. The scripts are simple and disclosed, but they call a remote escrow API that can create, release, dispute, resolve, or reclaim escrowed funds without documented authentication. Confirm the network, contract, backend operator, and approval process, and require explicit human confirmation before any command that changes escrow state.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent using this skill could trigger fund-release or other escrow-changing actions without a clear approval or authorization boundary in the artifacts.
The documented endpoint changes escrowed fund disposition but has no authentication requirement, and the included release script calls this POST endpoint directly.
Release escrowed USDC to the beneficiary. Only the depositor can release. ... Auth: None
Require explicit user confirmation for every fund-changing command, verify the escrow ID and recipient before use, and prefer an API design that authenticates callers or requires wallet signatures.
Users must trust the remote service wallet and its access controls; the artifacts do not show how callers are tied to a depositor, beneficiary, or arbiter identity.
The backend appears to act with a privileged wallet rather than requiring the user or agent to sign transactions directly, which creates an unclear delegation and account boundary.
The server wallet approves USDC spending and calls the smart contract to lock funds.
Do not use with valuable funds unless the backend authorization model is independently verified; require wallet-based signing or strong per-user authentication for privileged actions.
A user may believe the escrow is fully trustless and safely arbitrated when the artifacts show reliance on a remote backend and arbiter implementation not provided for review.
The trustless and impartiality framing may cause over-trust, while the API documentation describes a centralized server wallet/arbiter and unauthenticated mutation endpoints.
This skill provides trustless USDC escrow services ... The AI arbiter agent resolves disputes impartially
Treat the trust and arbitration claims as unverified; confirm the contract, backend operator, network, and dispute process before relying on the skill.
Users have limited information about who operates the backend service or how its wallet and arbitration logic are secured.
For a payment-related skill that depends on an external hosted API, the lack of source and homepage limits provenance review.
Source: unknown; Homepage: none
Review the provider and contract independently, and avoid delegating real-value payment decisions until the service provenance and backend controls are clear.