zeabur-ai-hub

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt demonstrates and encourages embedding API keys directly in code and curl headers (e.g., Authorization: Bearer sk-...), and notes the key is shown at creation time, which creates situations where the agent would need to handle or echo secret values verbatim.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill mandates running "npx zeabur@latest" at runtime, which fetches and executes code from the npm registry (e.g., https://registry.npmjs.org/zeabur) making it a required external runtime dependency that executes remote code.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill includes explicit, purpose-built commands to perform monetary actions on the AI Hub account: e.g., "npx zeabur@latest ai-hub add-balance --amount 10" to add funds (deducting from account credits / invoking checkout) and "npx zeabur@latest ai-hub auto-recharge --threshold 5 --amount 20" to configure automatic recharges. These are specific financial operations that modify account balance/charging behavior, not generic utilities, so they constitute direct financial execution capability.