x402-wach
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the x402-wach CLI tool to perform all primary functions, including wallet setup, authentication, and token risk analysis.
- [EXTERNAL_DOWNLOADS]: The skill depends on the @quillai-network/x402-wach NPM package and makes network requests to https://x402.wach.ai for data retrieval.
- [DATA_EXFILTRATION]: The skill handles and transmits sensitive user data, including email addresses and One-Time Passwords (OTPs), to the vendor's API during the login and verification processes.
- [PROMPT_INJECTION]: The documentation includes explicit 'Hard Rules' and 'Absolute Prohibitions' intended to override agent behavior to ensure safety and payment compliance.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection via external risk reports fetched at runtime.
- Ingestion points: The verify-risk command processes data from the https://x402.wach.ai/verify-token endpoint.
- Boundary markers: No explicit delimiters or instructions to ignore instructions within the reports are defined in the skill instructions.
- Capability inventory: The skill has command execution and network access capabilities.
- Sanitization: No sanitization or filtering of the external report content is described.
Audit Metadata