payram-bitcoin-payments
Audited by Socket on Feb 21, 2026
1 alert found:
Security [Skill Scanner] [Documentation context]: Backtick command substitution detected

This is a documentation-only skill/integration guide for PayRam Bitcoin payments. It contains no executable code, no direct credential-harvesting patterns, and no download-or-execute instructions. The stated capabilities align with the documentation (xpub on server, seed stored on mobile, mobile signing for sweeps). Remaining risks are operational: trusting the PayRam mobile app and backend to keep private keys off-server, correct webhook verification, and the potential for misuse in 'no-kyc' payment flows. From the provided file alone there is no evidence of malicious code or supply-chain execution patterns.

LLM verification: [LLM Escalated] No clear malicious code or supply-chain download-execute patterns are present in this skill documentation. The design (xpub on server + mobile-only seed + manual sweep approval) is plausible and consistent with the stated purpose, but the documentation omits several important security controls: guidance to avoid embedding API keys in client-side code, webhook signing/verification, explicit description of how signed sweep transactions are relayed/broadcast, and assurances about transport integrit