tron-x402-payment-demo

Security checks across malware telemetry and agentic risk

Overview

This demo matches its payment purpose, but it can automatically use a TRON private key to make a payment without clear confirmation or spending limits.

Review before installing. Use only a throwaway or minimally funded TRON wallet, verify the x402_payment_tron dependency and destination endpoint, and require visible confirmation of amount, network, recipient, and signing details before allowing any payment.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill instructs the agent to automatically fetch an external protected resource and perform the x402 payment flow without any explicit user warning or confirmation step. Because this involves outbound network access and automatic payment execution, a user may trigger real value transfer and external interaction without understanding the consequences.

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The metadata declares use of TRON_PRIVATE_KEY, indicating the skill relies on sensitive signing material, but the description does not warn the user that private-key-backed payment operations may occur. This is dangerous because it normalizes use of wallet credentials in an automated flow and increases the risk of unintended signing, fund loss, or unsafe secret exposure through downstream tooling or misconfiguration.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal