Gen Agent Trust Hub: skills/vapiai/skills/setup-api-key

setup-api-key

Fail

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: HIGH
Findings: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, CREDENTIALS_UNSAFE
Full Analysis
  • REMOTE_CODE_EXECUTION (HIGH): The skill instructs the user or agent to run npx -y mcp-remote https://docs.vapi.ai/_mcp/server. The -y flag makes npx fetch whatever version of the mcp-remote package is current on the npm registry and execute it without a confirmation prompt; that package then connects to the remote MCP server at the given URL. The package is unpinned, and the URL is not on the established list of trusted sources.
  • COMMAND_EXECUTION (HIGH): In Step 2, the skill builds a curl command by interpolating <the-api-key> directly into a shell command string. Because that value is supplied by the user, it is a shell injection vector: a payload such as dummy_key" ; rm -rf / ; " closes the quoted argument and runs arbitrary commands on the host system.
  • CREDENTIALS_UNSAFE (MEDIUM): The skill is designed specifically to solicit, validate, and store high-privilege API keys. While that is its stated purpose, handling raw secrets in plaintext and persisting them in .env files increases the risk of accidental exposure (for example, committing the file or echoing it into logs) and requires careful handling.
  • DATA_EXFILTRATION (LOW): The skill transmits the user's API key to https://api.vapi.ai. While this is the legitimate endpoint for the service, the domain is not on the security policy's allowlist.
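The following is an added example, not code from the audited skill or from Vapi, showing the two patterns behind the COMMAND_EXECUTION and CREDENTIALS_UNSAFE findings side by side: a key interpolated into a shell string (exploitable) versus the same request with the key passed as one argv element and validated first, plus a .env write that keeps the file owner-only. printf stands in for curl so the example runs offline; the key character allowlist (KEY_PATTERN) and the VAPI_API_KEY variable name are assumptions for illustration, since this page does not give Vapi's real key format, and MALICIOUS_KEY is a constructed payload that uses a harmless echo in place of rm.

```python
"""Added example: safe handling of a user-supplied API key. Not part of the audited skill."""
import os
import re
import stat
import subprocess
import tempfile

# Assumed allowlist for key characters (Vapi's real key format is not given on this page).
# Anything outside it is rejected before the key reaches any command or file.
KEY_PATTERN = re.compile(r"[A-Za-z0-9_-]{16,128}")

# Constructed inputs: a well-formed dummy key and an injection payload in the spirit of
# the finding, with `echo INJECTED` standing in for the destructive command.
GOOD_KEY = "abcdefghijklmnop1234"
MALICIOUS_KEY = 'dummy_key"; echo INJECTED; "'


def is_acceptable_key(api_key: str) -> bool:
    """True only if the whole key matches the assumed allowlist."""
    return KEY_PATTERN.fullmatch(api_key) is not None


def vulnerable_request(api_key: str) -> str:
    """The flagged pattern: the key is pasted into a string that /bin/sh then parses.
    printf stands in for curl; it prints the header line curl would have sent via -H."""
    cmd = f'printf "%s\\n" "Authorization: Bearer {api_key}"'
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def argv_request(api_key: str) -> str:
    """Same request with no shell: the key is one argv element, so quotes and
    semicolons inside it are ordinary bytes in a single argument."""
    argv = ["printf", "%s\n", f"Authorization: Bearer {api_key}"]
    return subprocess.run(argv, capture_output=True, text=True, check=True).stdout


def hardened_request(api_key: str) -> str:
    """Defence in depth: reject malformed keys, then use the shell-free call."""
    if not is_acceptable_key(api_key):
        raise ValueError("API key contains characters outside the allowed set")
    return argv_request(api_key)


def write_env_file(directory: str, api_key: str, name: str = "VAPI_API_KEY") -> str:
    """Persist the key in a .env file readable only by the owner (mode 0600). O_EXCL
    refuses to reuse an existing path, so a pre-planted file or symlink is not followed."""
    if not is_acceptable_key(api_key):
        raise ValueError("refusing to store a malformed API key")
    path = os.path.join(directory, ".env")
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as fh:
        fh.write(f"{name}={api_key}\n")
    return path


def env_file_mode(path: str) -> int:
    """Permission bits of the stored file; umask can only narrow 0600, never widen it."""
    return stat.S_IMODE(os.stat(path).st_mode)


def demo_store_key(api_key: str) -> int:
    """Write the key into a fresh temporary directory and return the resulting mode."""
    with tempfile.TemporaryDirectory() as tmp:
        return env_file_mode(write_env_file(tmp, api_key))


if __name__ == "__main__":
    print("vulnerable:", repr(vulnerable_request(MALICIOUS_KEY)))  # INJECTED appears as its own line
    print("argv only: ", repr(argv_request(MALICIOUS_KEY)))        # payload stays inside the header text
    print("validator rejects payload:", not is_acceptable_key(MALICIOUS_KEY))
    print("hardened:  ", repr(hardened_request(GOOD_KEY)))
    print("stored .env mode:", oct(demo_store_key(GOOD_KEY)))
```

The argv form alone already neutralises the payload; the allowlist check is there so a malformed key fails loudly before it is sent or written anywhere. Note that a key passed on the command line is still visible in the process list, so a real implementation would prefer feeding curl its header from a file or stdin rather than -H on argv.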
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 19, 2026, 06:17 PM