setup-agent

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt instructs the agent to ask users for their Karma API key and to place or display that key in commands/outputs (export, curl headers, and a displayed "API Key"), which requires the LLM to receive and echo secret values verbatim.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly tied to blockchain/crypto execution. The setup flow returns walletAddress and smartAccountAddress, supportedChainIds, and a supportedActions list that includes on-chain financial operations such as "create-grant — Add funding to a project" and "create-project-with-grant — Create project + grant in one tx". Those are specific APIs to create on-chain transactions and move funds (crypto), not generic tooling. Therefore it grants direct financial execution capability.