Edvisage B2a Commerce

This skill is a safety and protocol guide for enabling agent payments and appears coherent, but take these precautions before installing or enabling autonomous payments: - Verify publisher/source: registry metadata shows 'source: unknown' and 'homepage: none' while package.json/README reference edvisageglobal.com and a GitHub repo. Confirm the skill's origin (official Edvisage resources) before trusting it. - Confirm wallet integration: the skill assumes your agent can sign USDC micropayments. Determine where the agent's wallet/private key is stored and how signing is performed; do not allow the skill to access private keys directly. Use an isolated, funded-only-for-operations wallet. - Configure limits and approvals first: set DAILY_SPEND_LIMIT, PER_TRANSACTION_LIMIT, and HUMAN_AUTH_THRESHOLD before enabling autonomous transactions, and test with very low limits or in a sandbox environment. - Enforce human approval for non-trivial amounts: rely on platform controls or agent policies to require explicit human confirmation for transactions above a conservative threshold. - Audit logging and monitoring: ensure transaction logs (timestamps, domains, tx hashes) are sent to a secure location and weekly summaries go to a human you trust. - Sandbox test: run the agent in a controlled environment with minimal funds to verify the flow and that it never exposes keys in logs or messages. If you want higher assurance, request the skill provider's source repository and an implementation example showing how signing is delegated to a secure key manager or hardware-backed wallet; that will raise confidence from medium to high.