Agent Commercial Contract
Risk rating: Suspicious
Audited by ClawScan on May 10, 2026.
Overview
This skill is high-risk because it directs agents toward legally binding contract signing and escrow payments without clear human-approval or spending-scope safeguards.
Only use this after reviewing the actual npm/GitHub code and confirming the legal, identity, and payment integrations. Do not let an agent sign contracts or move escrow funds autonomously unless you have explicit approval gates, spending limits, sandbox testing, restricted credentials, and legal review.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Finding 1
Risk: If connected to real services, an agent could enter binding agreements or release funds based on its own judgment rather than a human decision.
Analysis: The example has an autonomous agent sign contracts and trigger milestone payment release, with no explicit user approval, spending limit, counterparty restriction, or confirmation step shown.
Evidence:
    async acceptContract(contractId: string) {
      ...
      await this.sdk.contracts.signContract({ contractId, agentId: this.agentId, signature, credentials: this.credentials });
    }
    ...
    async deliverWork(...) {
      await this.sdk.completeMilestoneAndPay(contractId, milestoneId, this.agentId);
    }
Recommendation: Require explicit human confirmation before every contract signature, deposit, release, refund, dispute ruling, or enforcement action; add spending limits, sandbox defaults, and counterparty allowlists.
Finding 2
Risk: Misused or compromised credentials could let an agent bind an identity to contracts, access accounts, or authorize payment-related actions.
Analysis: Private keys, API keys, and signing credentials can authorize legally and financially significant actions, but the artifacts do not clearly scope which credentials are used or how their authority is limited.
Evidence:
    - Cryptographic identity system with public/private key pairs
    - Digital signature generation and verification
    - API key-based authentication
    ...
    credentials: this.credentials
Recommendation: Use dedicated limited-scope credentials, store signing keys in a vault or hardware-backed keystore, avoid personal/corporate master credentials, and document exact credential scopes.
Finding 3
Risk: Users may run package code that was not reviewed here, and later package or repository changes could alter high-impact legal or financial behavior.
Analysis: The skill is instruction-only in the reviewed artifacts, but directs installation of external, unpinned runtime code that would handle contracts, keys, and payments.
Evidence:
    npm install agent-commercial-contract
    # Or clone repository
    git clone https://github.com/ZhenRobotics/agent-commercial-contract.git
    cd agent-commercial-contract
    npm install
Recommendation: Review the package source before use, pin an exact package version or commit hash, use a lockfile, verify provenance, and test only in an isolated environment first.
Finding 4
Risk: A user may over-trust the skill to create enforceable contracts or secure escrow arrangements when legal validity and payment custody depend on external systems and jurisdiction-specific rules.
Analysis: The documentation makes strong legal and escrow-safety claims without showing implementation details, payment-rail integration, jurisdiction constraints, or required human/legal review.
Evidence:
    - Create legally-binding contracts from templates or custom terms
    - Automated payment holding in secure escrow accounts
    ...
    - Digital signatures legally binding
Recommendation: Treat the legal and escrow claims as unverified until reviewed by legal counsel and the actual payment/identity implementation; add clear disclaimers and jurisdiction/payment-provider requirements.
Finding 5
Risk: Sensitive contract terms, transaction history, dispute evidence, or business data could remain stored and be reused or exposed if storage is not protected.
Analysis: The skill describes persistent records for contracts, disputes, evidence, and local storage, which may contain sensitive business, payment, or legal information.
Evidence:
    - Full audit trail of all contract events
    - Structured dispute raising with evidence submission
    ...
    - better-sqlite3: Local contract storage (optional)
Recommendation: Define storage location, encryption, access controls, retention/deletion policy, and redaction rules before using it with real contract or dispute data.
