auth-helper
Warn
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: MEDIUMCREDENTIALS_UNSAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill guides users to extract 'dex_cookie' session tokens from browser developer tools. These cookies are long-lived authentication tokens that grant full access to account features, including wallet management and trading execution. Recommending users to share these with the agent or store them in environment variables increases the attack surface for account takeover.
- [COMMAND_EXECUTION]: The 'Setup Workflow' and 'Verification' sections provide templates for using shell commands (curl) to interact with APIs using the user-provided cookie. If the agent or a script interprets the user-supplied cookie string directly within a shell command shell without rigorous sanitization, it creates a risk of command injection.
- [DATA_EXFILTRATION]: The 'Example Agent Interaction' section explicitly suggests that the agent should ask the user to 'Tell me the value' of the cookie. Providing sensitive session tokens directly in the chat interface exposes them to the LLM provider's logs and any downstream systems that process the conversation history.
Audit Metadata