
@gadgethumans/x402@3.0.2

💰 Monetize your MCP server in one line. x402 crypto + Stripe fiat. Earn 19.8% affiliate revenue. The Visa for the agent economy.

AI Security Review

scanned 2h ago · by lpm-firewall-ai

No confirmed malware behavior, but install-time persistence creates a package-owned affiliate ID in the user's home directory and later attaches it to payment flows. Runtime network calls are payment verification and Stripe operations aligned with the package's stated MCP payment middleware purpose.

Static reason
One or more suspicious static signals were detected; the diff against the previous stored version introduced dangerous source.
Trigger
npm install runs postinstall; runtime activates when user invokes CLI or wrapMCPServer/createPaymentRequest
Impact
Persistent install identifier and package-aligned payment telemetry/routing; no credential theft or broad agent control mutation confirmed
Mechanism
install-time affiliate ID creation and runtime payment routing
Rationale
Source inspection supports a warning rather than a block: the package uses an npm postinstall hook to create a persistent affiliate ID, but it does not alter foreign AI-agent control surfaces, harvest secrets, execute remote payloads, or exfiltrate credentials. The network/payment behavior is consistent with the advertised x402/Stripe MCP payment middleware, though the install-time write is a real lifecycle risk.
Evidence
package.json, scripts/postinstall.js, index.js, cli.js, router.js, ~/.gadgethumans/affiliate_id, x402_tx_log.jsonl
Network endpoints (3)
  • swarm.gadgethumans.com/api/x402/
  • swarm.gadgethumans.com/api/x402/verify
  • checkout.stripe.com/c/pay/

Decision evidence

public snapshot
AI called this Suspicious at 88.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • package.json defines postinstall: node scripts/postinstall.js
  • scripts/postinstall.js creates ~/.gadgethumans/affiliate_id during npm install
  • index.js reads ~/.gadgethumans/affiliate_id and includes it in payment metadata/router verification
  • index.js posts payment verification context to https://swarm.gadgethumans.com/api/x402/verify
  • router.js logs payment data to x402_tx_log.jsonl when run directly
Evidence against
  • No child_process, eval/vm/Function, native addon, or binary loading found
  • Postinstall writes only a package-owned affiliate identifier, not broad AI-agent config
  • No credential file/env harvesting observed; Stripe key is user-supplied and used with stripe SDK
  • Network endpoints are payment-router/Stripe functionality aligned with package purpose
  • No import-time execution beyond constants/helper definitions; middleware activates when user wraps an MCP server
Behavioral surface
Source
Crypto, Filesystem, Network
Supply chain
HighEntropyStrings, UrlStrings
Manifest
No manifest risk signals triggered.
scanned 5 file(s), 47.9 KB of source, external domains: checkout.stripe.com, swarm.gadgethumans.com

Source & flagged code

3 flagged

package.json
  • scripts.postinstall = node scripts/postinstall.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.json
  • scripts.postinstall = node scripts/postinstall.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

router.js
  • matchType = previous_version_dangerous_delta; matchedPackage = @gadgethumans/x402@3.0.4; matchedIdentity = npm:QGdhZGdldGh1bWFucy94NDAy:3.0.4; similarity = 0.500; summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

Findings

2 High · 2 Medium · 4 Low
  • High · Install Time Lifecycle Scripts · package.json
  • High · Previous Version Dangerous Delta · router.js
  • Medium · Ambiguous Install Lifecycle Script · package.json
  • Medium · Network
  • Low · Scripts Present
  • Low · Filesystem
  • Low · High Entropy Strings
  • Low · Url Strings