agent-payments

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill instructs installing presto with a runtime command that fetches and executes remote code (curl https://presto-binaries.tempo.xyz/install.sh | bash), which is required for handling Tempo MPP flows and therefore is a high-risk external dependency.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is specifically built as a Machine Payment Protocol for pay-per-query access: it implements a 402 Payment Required challenge/response flow, requires sending an Authorization: Payment to complete purchases, and returns Payment-Receipt headers. Its primary and explicit purpose is to enable payment transactions to access the API (i.e., move value for service access). This is not a generic API caller or browser automation — it is a dedicated payment protocol, so it constitutes direct financial execution capability.