nightmarket

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill instructs constructing HTTP requests that include API keys (e.g., X-API-Key: crow_sk_...) and requires retrying with a verbatim payment-signature header, which forces the agent to handle and output secret values in requests.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to query and consume marketplace listings and seller-provided request/response examples from public Nightmarket endpoints (e.g., https://nightmarket.ai/api/marketplace and https://nightmarket.ai/api/x402/<endpoint_id>) as shown in SKILL.md and references/api.md, which are untrusted third‑party content that the agent must read and act on (choose services, build calls, and retry with payment), so those responses could indirectly inject instructions affecting tool use.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly designed to perform on-chain payments for API calls. It documents a full payment flow (402 Payment Required with payTo address, price in USDC on Base, signing payments and retrying with a payment-signature header), references a CrowPay authorize API (including X-API-Key usage and endpoints for approve/deny/status), and instructs agents to obtain/manage wallets (CrowPay managed wallets). These are specific payment APIs and wallet-signing/payment-authorization operations (sending USDC on Base), not generic HTTP or browsing capabilities — i.e., the skill's primary and explicit purpose is to move money to settle API calls.