Self-hosted Crypto Payment

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate crypto payment template, but its payment checker and fulfillment path need review before production use.

Install only after reviewing and fixing the payment confirmation path in staging. Use a dedicated mnemonic generated and stored offline or in a secrets manager, make fulfillment idempotent, require transaction-specific confirmation evidence for Bitcoin and other chains, and confirm the cron secret and service-client permissions are tightly controlled.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Intent-Code Divergence

High

Confidence: 98% confidence
Finding: The BTC checker uses funded_txo_sum, which is the total amount ever received by the address, not the current unspent balance or the amount tied to the specific invoice. An attacker can pay a small amount once, or rely on prior deposits to the same address, and later have new payments falsely marked confirmed whenever the cumulative received amount exceeds the expected threshold.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal