x402 Commerce Kit: Merchant Starter Kit + Payment Rails Guide + Security Hardening
Security checks across malware telemetry and agentic risk
Overview
This skill asks for powerful payment, crypto, signing, dashboard, and GitHub credentials while the reviewed package contains only a short listing, not the promised deployable kit or guides.
Review this carefully before installing. Do not provide production GitHub, Stripe, wallet, signing, dashboard, or API secrets unless the publisher supplies the actual code and guides and you can use least-privilege test credentials with clear approval boundaries.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.