moonpay-x402

SUSPICIOUS. The skill is purpose-aligned and uses an official same-org CLI and endpoint, so it does not look like credential harvesting or covert exfiltration. However, it explicitly enables autonomous real-world financial actions by spending from a local crypto wallet, which makes the overall skill high risk despite otherwise coherent install trust and data flow.