chase-travel
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The script features an optional automation hook for 2FA that uses
subprocess.runwithshell=Trueto execute a command specified in theCHASE_2FA_COMMANDenvironment variable. - [CREDENTIALS_UNSAFE]: The tool manages high-value banking credentials provided via environment variables and stores session persistence data (cookies) in the local filesystem.
- [EXTERNAL_DOWNLOADS]: The skill utilizes
patchright, an external browser automation library, and requires downloading browser assets to function.
Audit Metadata