billing-integration

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill recommends the installation of official SDKs, specifically @credyt/api-client for Node.js and credyt-api for Python, to facilitate interaction with the Credyt service.
  • [COMMAND_EXECUTION]: The instructions direct the agent to run package management commands such as npm install and pip install to set up the required SDKs in the user's environment.
  • [DATA_EXFILTRATION]: The skill's primary function involves sending application usage events and customer data to Credyt's API endpoints (credyt.ai) for billing purposes. This is the intended behavior of the integration.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it requires the agent to read and analyze the user's existing application codebase.
  • Ingestion points: The agent is instructed to read project files (e.g., package.json, requirements.txt, and source code) to understand the tech stack and authentication setup.
  • Boundary markers: There are no explicit instructions for the agent to ignore or delimit potentially malicious content within the user's code.
  • Capability inventory: The skill allows the agent to modify local project files and perform network operations via the Credyt API.
  • Sanitization: No specific sanitization or validation logic is defined for the code content before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 17, 2026, 09:14 PM
Security Audit — agent-trust-hub — billing-integration