monetize-game

Fail

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: HIGH
CREDENTIALS_UNSAFE, DATA_EXFILTRATION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill accesses the agent's internal configuration file at ~/.claude.json to extract the x-api-key header for the Play.fun service.
  • [DATA_EXFILTRATION]: The skill instructs the agent to write the extracted secret API key into the game's index.html file via a <meta name="x-ogp-key"> tag. Because the skill then triggers a public deployment of the project to platforms like GitHub Pages or here.now, the user's private credentials are leaked to the public internet.
  • [COMMAND_EXECUTION]: The skill executes multiple local scripts and system commands, including node skills/playdotfun/scripts/playfun-auth.js, gh api user for identity checks, and npm run deploy for external publishing.
  • [EXTERNAL_DOWNLOADS]: The skill modifies the game's source code to load a remote JavaScript SDK from https://sdk.play.fun/latest. While this is an official vendor domain for the skill's service, it represents a remote code inclusion pattern.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface.
      • Ingestion points: Data is read from package.json and src/core/Constants.js (Step 3).
      • Boundary markers: None are present to distinguish between trusted instructions and data read from the game files.
      • Capability inventory: The skill has the ability to execute shell commands, perform network POST requests, and modify project files.
      • Sanitization: There is no evidence of sanitization or validation of the scoring limits or metadata read from the game files before they are sent to the Play.fun API.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Mar 12, 2026, 01:09 PM