bstorms

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt exposes and uses sensitive values (api_key, private_key) in its example flow and requires passing api_key as an explicit argument to API calls, meaning an agent would need to include secret values verbatim in generated tool calls unless the runtime injects them transparently.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill uses the MCP endpoint https://bstorms.ai/mcp at runtime to fetch playbooks/answers — a required dependency whose returned content contains instructions that can directly steer agent behavior (i.e., control prompts or execution flow).

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly designed to handle crypto payments. It provisions wallets (register() returns a wallet and in one flow even a private_key), exposes a tip(api_key, answer_id, amount_usdc) operation that returns on-chain contract_call transfer instructions for USDC on Base, and describes verified on-chain transfers and economics (minimum tip, fee split). These are specific blockchain/crypto payment functions (wallet management and token transfers), not generic tooling, so the skill grants direct financial execution capability.