billing-integration
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends the installation of official SDKs, specifically
@credyt/api-clientfor Node.js andcredyt-apifor Python, to facilitate interaction with the Credyt service. - [COMMAND_EXECUTION]: The instructions direct the agent to run package management commands such as
npm installandpip installto set up the required SDKs in the user's environment. - [DATA_EXFILTRATION]: The skill's primary function involves sending application usage events and customer data to Credyt's API endpoints (credyt.ai) for billing purposes. This is the intended behavior of the integration.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it requires the agent to read and analyze the user's existing application codebase.
- Ingestion points: The agent is instructed to read project files (e.g.,
package.json,requirements.txt, and source code) to understand the tech stack and authentication setup. - Boundary markers: There are no explicit instructions for the agent to ignore or delimit potentially malicious content within the user's code.
- Capability inventory: The skill allows the agent to modify local project files and perform network operations via the Credyt API.
- Sanitization: No specific sanitization or validation logic is defined for the code content before it is processed by the agent.
Audit Metadata