Skills
skills/phrazzld/claude-config/check-payments/Gen Agent Trust Hub

check-payments

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
  • [DATA_EXFILTRATION] (HIGH): Access to sensitive credential files.
  • Evidence: The skill executes grep -q "STRIPE_" .env.local and similar commands for Bitcoin and Lightning providers. Accessing .env.local files is a high-severity risk as these files are standard locations for plaintext API keys and secrets.
  • [COMMAND_EXECUTION] (LOW): Execution of shell commands for system reconnaissance.
  • Evidence: The Provider Detection block uses grep, env, and command -v to probe the environment. These commands are used to inspect the file system and environment state.
  • [INDIRECT_PROMPT_INJECTION] (HIGH): Vulnerability surface through untrusted data ingestion.
  • Ingestion points: Local files package.json and .env.local are read by the skill's discovery scripts.
  • Boundary markers: None. There are no delimiters or instructions to ignore embedded content within the files being scanned.
  • Capability inventory: The skill has the capability to execute shell commands (grep, env) and access the file system.
  • Sanitization: None. The skill does not sanitize the contents of the files before processing them with shell utilities, which could lead to command injection if file contents are maliciously crafted.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 11:11 AM