agentcash-onboarding

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill instructs substituting an invite code/token directly into command-line invocations (e.g., npx agentcash@latest onboard / wallet redeem ), which would require the LLM to handle and potentially output the secret verbatim, posing an exfiltration risk.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs running remote code at runtime via "npx agentcash@latest onboard" (which fetches and executes the AgentCash npm package as a required step), so the runtime execution of that external package is a high-confidence risky dependency.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly about setting up and managing a crypto-backed payment wallet for AgentCash: it instructs running onboarding, creating a wallet, depositing USDC (Base), redeeming invite codes for credits, and links to wallet info and deposit actions. It also references the core skill for making paid requests (micropayments) and wallet operations (balance, redeem, deposit). These are specific crypto/payment operations (wallet management, deposits, redeeming credits, and facilitating paid transactions), so it grants direct financial execution capability.