Nevermined Payments
Security checks across malware telemetry and agentic risk
Overview
This is a coherent instruction-only payment integration skill, but it handles live payment credentials, purchases, delegated spending tokens, and agent-to-agent bearer tokens that users should treat carefully.
Install this only if you intend to build Nevermined payment functionality. Start with sandbox keys, pin the SDK versions, avoid logging API keys or payment tokens, validate any agent/server before sending tokens, and require explicit review before using live purchases, plan registration, delegated spending, or credit-settlement flows.
VirusTotal
2/65 vendors flagged this skill as malicious, and 63/65 flagged it as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If a live API key is provided to generated code or an agent, that code may be able to perform real Nevermined account and payment actions.
The required credential is central to the skill's purpose, but it can authorize Nevermined platform actions including registration and payment-related operations.
A **Nevermined API Key** (`NVM_API_KEY`) is required for ALL interactions with the Nevermined platform — SDK initialization, REST API calls, CLI usage, and agent registration.
Use sandbox keys for testing, keep live keys out of prompts and logs, grant the minimum permissions needed, and review any live payment or registration action before running it.

Using these examples unchanged with a live account could purchase plans or authorize limited spending.
The docs explicitly include financially mutating operations and delegated spending authority, while also warning users to test in sandbox and review limits.
`orderPlan` charges money in `live`, and `delegationConfig` grants the platform pre-authorized spending up to `spendingLimitCents` for `durationSecs` seconds.
Require explicit user approval before live `orderPlan`, token delegation, settlement, or plan-registration actions; keep spending limits and token durations low.

A leaked or misdirected payment token could let another party consume credits within the token's scope.
The integration intentionally passes bearer payment tokens between agents; the artifact provides appropriate mitigations, but users must apply them.
A2A flows ship payment tokens (`payment-signature`) between agents — they are bearer credentials. Always: (1) serve agents over HTTPS, (2) validate the peer Agent Card and base URL before sending tokens...
Use HTTPS, validate peer agent identity and base URLs, restrict CORS to trusted origins, avoid logging full tokens, and issue short-lived, narrowly scoped tokens.

Installing a newer or unintended SDK version could change how payment credentials or billing operations behave.
The skill is instruction-only and relies on external SDK packages; the install examples are unpinned even though specific verified versions are documented.
Verified against `@nevermined-io/payments@1.3.3` and `payments-py@1.5.0` ... `npm install @nevermined-io/payments` ... `pip install payments-py`
Pin SDK versions to reviewed releases, install from official package registries, and review dependency changes before using live credentials.
