upload-and-share

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill instructs the agent to insert the returned uploadUrl (a temporary pre-signed URL that may contain sensitive tokens) directly into curl commands and output public/private URLs, which requires the LLM to handle and emit secret-like values verbatim.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). High risk: this skill explicitly provides an easy, payment-authenticated mechanism to upload arbitrary local files to an external public host and return permanent public URLs, making it a clear enabler of data exfiltration and unintended public exposure without built-in consent or sensitive-data checks.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly integrates a payment flow: it checks an on-chain wallet USDC balance (mcp__x402__get_wallet_info), directs deposits, and performs a purchase via a specific POST to the agentupload.dev x402 upload endpoint (mcp__x402__fetch to https://agentupload.dev/api/x402/upload) to buy an upload slot. These functions are narrowly defined for micropayment transactions (x402) and directly initiate paid actions. This is a specific financial execution capability (sending payments/consuming balance), not a generic API or browser automation tool.