xero-api-integration
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFE
Full Analysis
- EXTERNAL_DOWNLOADS (HIGH): Automated scanner URLite detected the URL 'year.to' and classified it as Phishing (UR11E29749DD4B3833-0200). Referencing known malicious or phishing domains in a skill's metadata or code is a high-severity indicator of malicious intent.
- CREDENTIALS_UNSAFE (HIGH): The inclusion of a phishing-related domain poses a direct threat to user credentials. Phishing links are commonly used to harvest sensitive information, passwords, and API keys through deceptive interfaces.
Recommendations
- AI detected serious security threats
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata