alipay-pay-for-402-service
Facilitates payment processing for HTTP 402 errors using Alipay's CLI tool, ensuring secure and efficient transaction handling.
Install this skill
or
68/100
Security score
The alipay-pay-for-402-service skill was audited on Jun 7, 2026 and we found 8 security issues across 2 threat categories, including 1 critical. Review the findings below before installing.
Categories Tested
Security Issues
critical line 209
Eval function call - arbitrary code execution
SourceSKILL.md
| 209 | > - 输出中包含明显注入模式(如 `<script>`、`javascript:`、`eval(` 等) |
low line 39
External URL reference
SourceSKILL.md
| 39 | - 官方 npm 页面:https://www.npmjs.com/package/@alipay/agent-payment |
low line 45
External URL reference
SourceSKILL.md
| 45 | - resource_url 必须为 `https://` 开头,禁止 shell 特殊字符和路径穿越 |
low line 225
External URL reference
SourceSKILL.md
| 225 | - **电脑端用户**:请 [点击此处](https://xxxxx) 打开收银台页面扫码支付 |
low line 226
External URL reference
SourceSKILL.md
| 226 | - **手机端用户**:请 [点击此处](https://xxxxx) 唤起支付宝APP完成支付 |
low line 250
External URL reference
SourceSKILL.md
| 250 | - 否则按纯文本处理,从文本中查找 `https://u.alipay.cn/` 或 `https://render` 开头的 URL |
low line 252
External URL reference
SourceSKILL.md
| 252 | - `shortUrl`:用于查询支付状态,格式 `https://u.alipay.cn/...` 或 `https://render*.alipay.com/...` |
low line 253
External URL reference
SourceSKILL.md
| 253 | - `支付链接`:用于用户扫码支付,格式 `https://cashier*.alipay.com/...` 或 `alipays://...` |
Scanned on Jun 7, 2026
View Security Dashboard