veil

Fail

Audited by Snyk on Feb 20, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt includes commands that take a veil-key/PRIVATE_KEY as a direct command argument (e.g., /veil transfer) and shows explicit secret placeholders (export VEIL_KEY="..."), which encourages embedding secrets verbatim in generated commands or outputs, creating an exfiltration risk.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill executes the external Veil SDK at runtime via calls like execSync('npx @veil-cash/sdk ...'), which will fetch and run remote code from the npm package (https://www.npmjs.com/package/@veil-cash/sdk) and is a required dependency for many commands, so it constitutes a runtime remote-code dependency.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly designed to move cryptocurrency funds. It exposes commands to deposit ETH into a private pool, withdraw ETH to a public address, transfer privately to another user, and merge UTXOs. It requires and references private keys (VEIL_KEY, PRIVATE_KEY), a Veil SDK, and ZK proof generation — all indicating signing and submitting on-chain transactions. This is a crypto/blockchain wallet/transaction tool (not a generic interface), so it grants direct financial execution capability.
Audit Metadata

Risk Level: HIGH
Analyzed: Feb 20, 2026, 08:53 PM