create-python-x402-server
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill instructs users to install the x402-avm package via pip. This is a third-party dependency from a non-whitelisted source that implements critical middleware and payment logic.
- [DATA_EXFILTRATION] (LOW): The skill configures a mandatory connection to https://x402.org/facilitator. Per the x402 protocol, this service receives request metadata to verify payments, which constitutes a low-risk external data flow.
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection surface (Category 8).
  - Ingestion points: The PaymentMiddleware and PaymentMiddlewareASGI components in SKILL.md ingest untrusted data from HTTP request headers and path patterns.
  - Boundary markers: None identified in the provided configuration snippets.
  - Capability inventory: The skill sets up web servers (FastAPI/Flask) capable of processing network requests and potentially executing downstream logic based on payment verification.
  - Sanitization: No explicit sanitization or validation of the incoming payment headers is shown in the examples, creating a surface for schema confusion or header-based injection if the output is used in an LLM context.
Audit Metadata