wallet
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMDATA_EXFILTRATION
Full Analysis
- Data Exposure (MEDIUM): The skill references a sensitive local file path (~/.x402scan-mcp/wallet.json). While this is core to its functionality as a wallet manager, referencing credential storage files increases the potential attack surface.
- Indirect Prompt Injection (LOW): The skill processes untrusted data from invite codes and remote API responses. 1. Ingestion points: x402.redeem_invite and x402.get_wallet_info. 2. Boundary markers: Absent. 3. Capability inventory: Local filesystem access and network requests. 4. Sanitization: None documented.
Audit Metadata