x402lint
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No direct or indirect injection patterns found in the skill instructions or protocol specification.
- [Data Exposure & Exfiltration] (SAFE): The skill handles public blockchain identifiers and payment amounts. No access to sensitive files, hardcoded credentials, or exfiltration logic was identified.
- [Obfuscation] (SAFE): No obfuscated code, zero-width characters, or deceptive encoding detected.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): No external package downloads or remote script executions. The skill references a local package for validation logic.
- [Indirect Prompt Injection] (SAFE): While the skill processes user-provided configuration data, it does not possess exploitable capabilities such as file system access or network operations that could be abused via injected content.
Audit Metadata