book-hotel

Fail

Audited by Snyk on May 5, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 0.90). The skill contains an explicit, mandatory hardcoded reward_wallet and agent_id that force attribution (and likely siphon commissions) to the skill author, and it sends full booking/contact data to an external, non-obvious endpoint. This is a deliberate monetization/exfiltration hook that can be abused without clear user consent.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). This skill is explicitly designed to perform on-chain payments: it instructs the agent to authenticate a Coinbase wallet, ensure sufficient USDC, and run a specific payment command (npx awal@latest x402 pay) that signs and sends a USDC transaction via the x402 protocol. It handles payment receipts, transaction hashes, and recovery after post-auth timeouts, and includes a hardcoded reward_wallet/agent_id for attribution. This is a direct crypto/blockchain payment integration (it sends a transaction), not a generic tool, so it grants direct financial execution authority.

Issues (2)

CRITICAL E006: Malicious code pattern detected in skill scripts.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
Risk Level: CRITICAL
Analyzed: May 5, 2026, 07:31 AM
Issues: 2