Security audit

Payment Gateway Payram

Security checks across malware telemetry and agentic risk

Overview

The skill appears purpose-aligned for PayRam payment setup, but it normalizes running an unpinned remote installer for production payment infrastructure.

Review before installing. Fetch and inspect the installer first, pin it to a trusted release or commit, verify checksums/signatures if available, and run it only on a clean VPS with least-privilege credentials. Treat any PayRam MCP or payout/payment actions as sensitive and require explicit user confirmation before production use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium (96% confidence)

The documentation instructs users to execute a remote script directly with `curl | bash`, which delegates full code execution to content fetched at runtime from an external source. In a payment-related skill, this is especially dangerous because it encourages installing infrastructure that may handle funds, secrets, webhook endpoints, or payout logic without any integrity verification, review step, or pinned version.

Vague Triggers

Medium (83% confidence)

The skill advertises very broad trigger phrases such as generic payment setup and monetization requests, which can cause the skill to be invoked in many unrelated or only loosely related contexts. Overbroad invocation is risky here because the skill promotes payment infrastructure setup and external MCP connectivity, increasing the chance that users are steered into sensitive integrations without deliberate selection.

Missing User Warnings

High (98% confidence)

The install instructions present `curl -fsSL ... | bash` as a normal production setup path without any warning that it executes unreviewed remote code immediately. Because this skill concerns payment processing, users may run the command on production hosts or systems containing API keys and wallet-related configuration, magnifying the consequences of compromise or script tampering.

VirusTotal

63/63 vendors flagged this skill as clean.