plaid
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFE
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill instructs the user or agent to install the 'plaid' and 'react-plaid-link' packages via npm. These dependencies are not pinned to specific versions, and the Plaid organization is not included in the predefined list of trusted GitHub organizations or repositories.
- [CREDENTIALS_UNSAFE] (INFO): The documentation contains hardcoded sandbox credentials ('user_good' and 'pass_good'). While these are standard public credentials for Plaid's test environment and do not pose a direct threat to production data, they are identified as hardcoded credentials within the skill content.
Audit Metadata