Agent Payments
Pass
Audited by VirusTotal on May 11, 2026.
Findings (1)
The skill provides a functional payment routing interface for Stripe, Coinbase Commerce, and the Spraay protocol, but contains high-risk patterns in 'scripts/pay.sh'. Specifically, the 'spraay_batch' and 'spraay_bitcoin_batch' functions use 'cat' to read arbitrary local files provided via the '--file' argument and transmit their contents to a third-party gateway (gateway.spraay.app) without any validation or sanitization. This creates a significant primitive for data exfiltration (e.g., reading SSH keys or cloud credentials) if the agent is manipulated via prompt injection. Additionally, the skill handles highly sensitive API keys and provides broad instructions in 'SKILL.md' to trigger on various financial and administrative tasks, increasing the potential impact of misuse.
