payram-setup
Fail
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill instructs the user to execute shell scripts directly from the internet using 'curl | bash'. Specifically, it references 'https://raw.githubusercontent.com/PayRam/payram-scripts/main/setup_payram_agents.sh' and 'https://raw.githubusercontent.com/PayRam/payram-server/main/install.sh'. These resources originate from the skill author's official GitHub organization.
- [EXTERNAL_DOWNLOADS]: The skill facilitates the download of configuration files and the cloning of source code from 'github.com/PayRam'. These downloads are necessary for the deployment of the server software.
- [COMMAND_EXECUTION]: The instructions include several high-privilege commands for Docker container management, environment variable configuration, and network service setup on a host VPS.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection attack surface. 1. Ingestion points: User-provided PostgreSQL connection details and environment variables processed during setup in 'SKILL.md'. 2. Boundary markers: None identified to separate instructions from untrusted configuration data. 3. Capability inventory: The skill utilizes 'bash', 'docker', 'curl', and 'git' for server management. 4. Sanitization: No explicit validation or sanitization of the provided configuration data is documented.
Recommendations
- HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/PayRam/payram-server/main/install.sh - DO NOT USE without thorough review
Audit Metadata