fluxa-agent-wallet-via-api

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly requires including an Agent JWT verbatim in Authorization headers for API calls (Authorization: Bearer <AGENT_JWT>), which forces the agent to handle and potentially output secret tokens.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's x402 payment workflow requires the agent to call arbitrary external APIs, read the HTTP 402 payment response (e.g., host/resource/accepts fields such as in the polymarket example like https://fluxa-x402-api.gmlgtm.workers.dev/...), and use those untrusted third-party response fields to construct payments and subsequent requests, so third-party content can materially influence agent actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly designed to perform on-chain financial operations via a REST API: it provides endpoints and flows to register an Agent JWT and then (a) execute x402 payments, (b) send USDC payouts to arbitrary wallet addresses, and (c) create payment links to receive payments. These are specific crypto/payment primitives (wallet transfers, payment gateway-like flows) rather than generic tooling. Therefore it grants direct financial execution capability.