x402
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is authored by 'celo-org', which is a recognized and trusted organization in the ecosystem.
- [EXTERNAL_DOWNLOADS]: The skill uses the 'thirdweb' and '@chaoschain/sdk' packages, which are well-known libraries for Web3 development and reputation management. These dependencies are appropriate for the skill's stated purpose of implementing blockchain-based payment protocols.
- [CREDENTIALS_UNSAFE]: Code examples correctly demonstrate the use of environment variables for sensitive keys (e.g., 'THIRDWEB_SECRET_KEY') and use non-functional placeholders (e.g., '0x...', 'your-client-id') for private configuration, following security best practices.
- [COMMAND_EXECUTION]: No unauthorized or suspicious command execution was detected. Network operations are limited to the intended functionality of making and settling blockchain payments via established SDKs.
- [DATA_EXFILTRATION]: No patterns of data exfiltration were found. The use of request headers for payment signatures is a standard part of the x402 protocol implementation.
Audit Metadata