transfer-pix

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt explicitly instructs pasting the real API token into environment/config JSON and into Authorization headers (e.g., "you must paste the real token value directly" and "Authorization: Bearer your_access_token"), which requires the LLM or user-facing outputs to include secret values verbatim.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The MCP setup instructs running npx kobana-mcp-transfer (package page: https://www.npmjs.com/package/kobana-mcp-transfer), which causes remote code to be fetched and executed at runtime and is a required dependency for the skill's preferred MCP mode.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly designed to move money. It provides dedicated MCP tools (create_transfer_pix, create_transfer_pix_batch, approve_transfer_batch, cancel_transfer_pix, etc.) and REST API endpoints (POST /v2/transfer/pix, POST /v2/transfer/pix_batches, PUT /v2/transfer/batches/{uid}/approve, etc.) for creating, sending, approving, canceling Pix transfers and managing financial accounts. The documentation includes required payment parameters (amount, financial_account_uid, bank account details, beneficiary info), batch workflow, and sandbox/production auth setup—all of which are specific financial execution capabilities rather than generic tooling.