payram-self-hosted-payment-gateway
Fail
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
- REMOTE_CODE_EXECUTION (HIGH): The skill provides a one-line installer (
curl -fsSL https://get.payram.com | bash) that executes remote code with system privileges. While this is the primary setup method, the source is not a verified trusted entity, allowing for potential arbitrary code execution by the domain owner. - EXTERNAL_DOWNLOADS (HIGH): It instructs the user to clone a repository from an unverified GitHub organization (
PayRam) and runyarn install. This bypasses standard package registry safety checks and could lead to supply chain attacks. - COMMAND_EXECUTION (MEDIUM): The deployment instructions involve SSH access as the root user, which escalates the potential impact of any malicious script executed during the setup process.
- CREDENTIALS_UNSAFE (MEDIUM): The skill directs users to input sensitive 12-word seed phrases and private keys. Although it claims local encryption, handling such credentials in a tool-guided workflow increases the surface area for credential theft.
Recommendations
- HIGH: Downloads and executes remote code from: https://get.payram.com - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata