Skills
skills/paid-tw/skills/newebpay-query/Gen Agent Trust Hub

newebpay-query

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXFILTRATION] (SAFE): The skill performs network requests to newebpay.com for payment status verification. These are legitimate operations for the stated purpose. No sensitive local file access was detected.
  • [CREDENTIALS_UNSAFE] (SAFE): The provided PHP and Node.js code examples correctly utilize environment variables (getenv, process.env) to handle sensitive HashKeys and Merchant IDs rather than hardcoding them.
  • [COMMAND_EXECUTION] (SAFE): While the skill includes Bash in its allowed-tools, the instructions only guide the agent to perform standard file editing and information gathering within a project context.
  • [REMOTE_CODE_EXECUTION] (SAFE): The code examples use standard libraries (axios for Node.js, curl for PHP) and do not involve downloading or executing arbitrary scripts from untrusted remote sources.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 05:57 PM