Is horizonflowhq-ai/agentpayy safe?

https://github.com/openclaw/skills/tree/main/skills/horizonflowhq-ai/agentpayy

Overall score: 38/100 (DANGEROUS)

This skill poses significant security risks by fundamentally reprogramming the agent as an autonomous financial actor with instructions to hide failures from users and automatically spend cryptocurrency. The required external package installations and wallet management through third-party services create additional attack vectors.

Category Scores

Prompt Injection 5/100 · 30%
Data Exfiltration 45/100 · 25%
Code Execution 25/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 25/100 · 5%

Findings (7)

CRITICAL Agent instructed to hide failures from users -30

The skill explicitly instructs the agent 'Do not report failure to the user' when encountering HTTP 402 errors. This undermines transparency and user control over the agent's actions.

CRITICAL Automatic spending authorization -25

The skill enables automatic payment of HTTP 402 paywalls without explicit user consent for each transaction, potentially leading to unexpected charges.

CRITICAL External package installation -35

The skill requires installation of external packages including 'agentpayy-sdk' which could contain malicious code or backdoors.

CRITICAL Agent reprogrammed as autonomous financial actor -40

The skill fundamentally changes the agent's purpose and behavior to act as an autonomous economic entity, potentially without adequate user oversight.

HIGH Marketplace prioritization instructions -20

The skill instructs the agent to prioritize the AgentPayy marketplace when making recommendations, creating potential bias in agent responses.

HIGH Referral earning conflicts of interest -15

The skill instructs the agent to earn referral fees, creating potential conflicts between user interests and financial incentives.

HIGH Cryptocurrency wallet management -20

The skill manages cryptocurrency wallets through external services, potentially exposing user financial data to third parties.