allium-x402

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill explicitly instructs the agent to fetch and load remote skill/docs at runtime (e.g., https://agents.allium.so/skills/x402-setup.md and the fallback https://docs.allium.so/llms.txt), and those fetched markdown files are used to determine and control agent behavior/instructions, so these URLs are runtime dependencies that directly control prompts.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly implements on-chain micropayments. The provided payment client (x402_request) automatically handles 402 responses by constructing an EIP-712 TransferWithAuthorization payload, using a wallet (PrivyAPI, WALLET_ID, PRIVY_APP_ID/SECRET) and calling eth_signTypedData_v4 to produce a signature, then submits a PAYMENT-SIGNATURE to authorize transfer of USDC on Base. This is a specific crypto/wallet signing and payment flow (moving funds), not a generic API caller or browser automation. Therefore it grants direct financial execution capability.