zeabur-ai-hub

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes examples that embed API keys and a curl Authorization header directly (and tells the user the key is shown at creation time), which requires the agent to handle and potentially output secret values verbatim.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill repeatedly requires invoking "npx zeabur@latest" at runtime, which downloads and executes a remote npm package (zeabur) — this is a required runtime dependency that fetches and runs external code.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill includes explicit, specific commands to modify account balances and trigger payments: e.g., "npx zeabur@latest ai-hub add-balance --amount 10" (adds $10 to AI Hub balance) and auto-recharge commands ("--threshold" and "--amount") that will recharge funds automatically. These are direct financial execution actions (updating balances/initiating charges), not generic tooling. It even references checkout behavior when a linked card is needed. Therefore it grants direct financial execution capability.