payram-self-hosted-payment-gateway
Fail
Audited by Snyk on Feb 28, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.70). The links point to a plausible project (GitHub, an official domain, Telegram), but the instructions include an installer run via "curl | bash" (get.payram.com), unvetted GitHub repositories, and steps that handle private keys or seed phrases. These are common, high-risk vectors for distributing malware or credential-stealing code; treat them as suspicious until independently verified.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill runs remote installers at runtime, e.g. "curl -fsSL https://get.payram.com | bash" and "git clone https://github.com/payram/payram-mcp" (followed by yarn dev). These commands fetch and execute external code and are required for deployment, so they are high-risk runtime dependencies whose content is controlled outside the skill.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly a self-hosted crypto payment gateway designed to move and manage funds. It includes concrete financial actions: deploying smart contracts for fund management, configuring hot wallets with private keys, performing cold-wallet sweeps, generating API keys for payment APIs, checkout and webhook integrations, and a payram-payouts skill described as "Send crypto payouts". These are specific payment/crypto execution capabilities (wallet management, transaction signing, payouts), not generic tooling, so the skill grants direct financial execution authority.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs SSHing in as root and running a one-line installer (curl | bash), installing Docker and PostgreSQL, running certbot, and configuring the firewall and SSL. These actions require root/sudo and change host system state, so the skill pushes privileged changes to the machine.
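The four findings above all come from scanning the skill's instruction text for a handful of command patterns. The following is an added example of that kind of scan, written for this page and not Snyk's scanner or any PayRam code; the rule codes reuse the report's labels, but the regexes, the sample instruction text, and the Pass/Fail rule are this example's own assumptions.

```python
import re
from dataclasses import dataclass

# Constructed sample of skill instructions that exercises each pattern the
# findings describe. This is not the real skill text.
SAMPLE_INSTRUCTIONS = """\
1. SSH into the server as root: ssh root@203.0.113.10
2. Run the installer: curl -fsSL https://get.payram.com | bash
3. Clone the MCP server: git clone https://github.com/payram/payram-mcp
4. cd payram-mcp && yarn install && yarn dev
5. Obtain a TLS certificate: certbot --nginx -d pay.example.com
6. Configure the hot wallet by pasting the private key into PAYRAM_HOT_WALLET_KEY
"""


@dataclass(frozen=True)
class Finding:
    code: str       # audit category label (E005, W012, W009, W013)
    severity: str
    line_no: int    # 1-based line in the instruction text
    evidence: str   # the matched fragment


# (code, severity, pattern). The patterns are illustrative heuristics,
# not the audit tool's actual rules.
RULES = [
    # E005: remote script piped straight into a shell (curl | bash)
    ("E005", "CRITICAL",
     re.compile(r"\b(?:curl|wget)\b[^|\n]*\|\s*(?:sudo\s+)?(?:ba|z)?sh\b")),
    # W012: code fetched from an external repository at runtime
    ("W012", "MEDIUM",
     re.compile(r"\bgit\s+clone\s+https?://\S+")),
    # W012: fetched code executed via a package manager run target
    ("W012", "MEDIUM",
     re.compile(r"\b(?:yarn|npm|pnpm)\s+(?:dev|start|run)\b")),
    # W009: handling of key material that controls funds
    ("W009", "MEDIUM",
     re.compile(r"\b(?:private\s+key|seed\s+phrase|mnemonic|hot\s+wallet)\b",
                re.IGNORECASE)),
    # W013: privileged host changes (root SSH, sudo, certbot, firewall, package install)
    ("W013", "MEDIUM",
     re.compile(r"\bssh\s+root@|\bsudo\b|\bcertbot\b|\b(?:ufw|iptables)\b"
                r"|\bapt(?:-get)?\s+install\b")),
]

SEVERITY_RANK = {"MEDIUM": 1, "HIGH": 2, "CRITICAL": 3}


def scan(text: str) -> list[Finding]:
    """Return one Finding per (line, rule) match, in document order."""
    findings: list[Finding] = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for code, severity, rx in RULES:
            m = rx.search(line)
            if m:
                findings.append(Finding(code, severity, line_no, m.group(0)))
    return findings


def verdict(findings: list[Finding]) -> str:
    """Assumed policy: any CRITICAL finding fails the skill outright."""
    if not findings:
        return "Pass"
    worst = max(findings, key=lambda f: SEVERITY_RANK[f.severity])
    return "Fail" if worst.severity == "CRITICAL" else "Review"


if __name__ == "__main__":
    results = scan(SAMPLE_INSTRUCTIONS)
    for f in results:
        print(f"{f.severity:8} {f.code} line {f.line_no}: {f.evidence}")
    print("Verdict:", verdict(results))
```

A scanner like this is only a triage aid: it cannot tell a legitimate installer from a malicious one, which is why the report still tells the reader to verify the referenced domains and repositories independently before running anything.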
Audit Metadata