agentcash-onboarding

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs running CLI commands that include an invite code token (e.g., npx agentcash@latest onboard <code> / ... wallet redeem <code>), which requires embedding a user-provided secret verbatim into generated commands, creating an exfiltration risk.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill requires running the remote npm package via commands like "npx agentcash@latest onboard" which will fetch and execute code from the npm registry at runtime, making it a required external dependency that can directly control behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly provisions and manages a crypto-backed wallet and related payment actions: onboarding a wallet, showing wallet address and USDC balance, depositing USDC (Base or Solana), and redeeming invite credit via commands like npx agentcash@latest onboard, npx agentcash@latest wallet info, and npx agentcash@latest wallet redeem <code>. These are specific financial/crypto wallet operations (micropayments) rather than generic tooling, so it grants direct financial execution capability.