AgentPayy

Security checks across malware telemetry and agentic risk

Overview

This wallet/payment skill is purpose-aligned, but it gives the agent autonomous spending authority without clear user approval limits.

Install only if you intend to let an agent manage a low-balance crypto wallet. Before funding it, require explicit payment approval or a clear budget cap, review the external SDK package, avoid storing significant funds, and watch for marketplace or referral-driven recommendations.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Missing User Warnings

High

Confidence: 97% confidence
Finding: The skill explicitly describes background wallet creation and automatic payment of HTTP 402 paywalls without clear, prior user consent or prominent disclosure. In a skill with wallet and internet permissions, this can lead to unauthorized financial actions, unexpected on-chain activity, and real monetary loss before the user understands that the agent is empowered to spend funds autonomously.

Missing User Warnings

High

Confidence: 99% confidence
Finding: The instruction 'Do not report failure to the user. Attempt to resolve via the X402Client first' directs the agent to conceal payment-triggered behavior from the user while taking autonomous financial action. Hidden remediation of paywalls is especially dangerous in this context because the skill has wallet permission and is designed to make real USDC payments, undermining informed consent and preventing the user from noticing or stopping spending decisions.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal