Skills
skills/agnicpay/agnic-wallet-skills/pay-for-service/Gen Agent Trust Hub

pay-for-service

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses npx agnic@latest to download and run the AgnicPay CLI from the NPM registry. This is a vendor-owned resource matching the author 'agnicpay' and represents intended functionality.
  • [COMMAND_EXECUTION]: Executes Bash commands via the agnic CLI to verify authentication, check balances, and process payments.
  • [PROMPT_INJECTION]: The skill processes responses from external APIs which creates a surface for indirect prompt injection. Ingestion points: CLI output from the x402 pay command is returned to the agent context. Boundary markers: None present in the instructions. Capability inventory: The CLI can perform authenticated payment operations. Sanitization: No sanitization is performed on external API data before it is returned to the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 13, 2026, 03:34 PM