x402

Warn

Audited by Socket on Jul 8, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

SUSPICIOUS. The skill’s payment and gateway functions match its stated purpose, but its footprint is high-risk: it can move real money, publish public paid endpoints, install persistence, and forward payment/admin data to a non-official third-party facilitator domain. I found no clear malware or obfuscation, but the data-flow and autonomy risks are substantial.

Confidence: 88%Severity: 78%
Audit Metadata
Analyzed At
Jul 8, 2026, 04:19 AM
Package URL
pkg:socket/skills-sh/Starchild-ai-agent%2Fofficial-skills%2Fx402%2F@02bd5e02503a423881549f324c9e2092d55ef544cfa7160623107c76d59ab695
Security Audit — socket — x402