skills/radiustechsystems/skills/x402/Gen Agent Trust Hub

x402

Warn

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: MEDIUM
Findings: REMOTE_CODE_EXECUTION, CREDENTIALS_UNSAFE, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The helper script scripts/x402-pay.mjs loads the viem library through createRequire and dynamic import() anchored at the user's current working directory (process.cwd()) rather than at the script's own install location. Node resolves a package name by walking node_modules directories from that base upward, so if the tool is run from an untrusted directory, a node_modules/viem planted there (or in any parent directory) is executed with the user's privileges, inside the same process that goes on to read the wallet key. Loading code from a path determined at runtime is a local code-injection risk.
  • [CREDENTIALS_UNSAFE]: The skill's payment flow reads raw private keys from environment files under .radius/wallets/; x402-pay.mjs opens these files directly to obtain the key it uses to sign micropayment authorizations. The script does verify that the file mode is 0600, but that check only guards against other local users reading the file on disk: it does not protect the key once it has been read into the process, where any module loaded by the same script can reach it.
  • [COMMAND_EXECUTION]: The documentation and evaluation test cases drive the workflow through shell commands (curl, jq, node and cast) and stage sensitive payment data, including EIP-712 typed-data payloads, in temporary files under /tmp. /tmp is shared with every local account, so a file written there with default permissions can be read by other users, and a file with a predictable name can be created by another user before the workflow writes it.
  • [DATA_EXFILTRATION]: x402-pay.mjs makes HTTP requests that carry signed authorizations (EIP-2612 permit and Permit2 signatures) to external endpoints. That is the intended function of the x402 protocol, but the script posts the authorization to whatever URL is supplied on the command line, with no allowlist or origin check, so a mistyped or attacker-supplied URL hands a valid, unused payment permit to an untrusted server.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 5, 2026, 04:40 PM