Skill Trust Decision
income-lab
Hardcoded API key found in payment.py poses critical credential exposure risk. The skill implements legitimate billing integration but fails to follow secure credential management practices.
Most direct threat evidence
Critical
Hardcoded API Key Exposed in Source Code A valid API key 'sk_f03aa8f8bbcf79f7aa11c112d904780f22e62add1464e3c41a79600a451eb1d2' is hardcoded as plaintext in payment.py:12. This key grants access to the SkillPay billing API and could be extracted by anyone with read access to the repository.
payment.py:12 Why this conclusion was reached
2/4 dimensions flagged Pass
Declared vs actual capability
Declared resources and inferred behavior are broadly aligned.
Block
Hidden execution and egress
1 high-risk artifacts or egress signals were extracted.
Block
Attack chain and severe findings
The report includes 0 attack-chain steps and 2 severe findings.
Review
Dependencies and supply chain hygiene
4 dependency or supply-chain issues need attention.
What drove the risk score up
Hardcoded API key in source +45
Line 12 of payment.py contains plaintext API key 'sk_f03aa8f8bbcf79f7aa11c112d904780f22e62add1464e3c41a79600a451eb1d2'
Environment variable mismatch +15
_meta.json declares SKILLPAY_API_KEY env var but code uses hardcoded value instead
Most important evidence
Critical
Hardcoded API Key Exposed in Source Code
A valid API key 'sk_f03aa8f8bbcf79f7aa11c112d904780f22e62add1464e3c41a79600a451eb1d2' is hardcoded as plaintext in payment.py:12. This key grants access to the SkillPay billing API and could be extracted by anyone with read access to the repository.
payment.py:12 Replace hardcoded key with os.environ.get('SKILLPAY_API_KEY', '') and provide the actual key via environment variable at runtime.
High
Inconsistent Credential Management
The _meta.json declares SKILLPAY_API_KEY and SKILLPAY_USER_ID as required environment variables, but the code ignores these and uses a hardcoded value. This creates confusion and bypasses intended credential management.
payment.py:16 Make payment.py read BILLING_API_KEY from environment variable as intended by the metadata configuration.
Medium
No Version Pinning in Dependencies
requirements.txt specifies dependencies without version constraints (pandas>=2.0.0, numpy>=1.24.0, etc.). This allows potentially vulnerable versions to be installed.
requirements.txt:1 Pin exact versions of all dependencies to ensure reproducible builds and prevent supply chain attacks.
Low
Data Directory in User Home
Scripts store experiment data in ~/.income-lab directory. While declared in documentation, this creates files outside a sandboxed scope.
scripts/experiment_tracker.py:19 Consider using a more sandboxed location like XDG_DATA_HOME or a project-local directory.
Declared capability vs actual capability
Filesystem Pass
Declared READ,WRITE
→ Inferred READ,WRITE
SKILL.md declares experiment_tracker.py; ~/.income-lab usage confirmed in scripts Network Pass
Declared READ
→ Inferred READ
SKILL.md mentions billing system; payment.py makes requests to skillpay.me Shell Pass
Declared NONE
→ Inferred NONE
No subprocess or os.system calls in any script Environment Pass
Declared READ
→ Inferred READ
payment.py reads SKILLPAY_USER_ID from os.environ Skill Invoke Pass
Declared NONE
→ Inferred NONE
No skill invocation patterns found Suspicious artifacts and egress
High API Key
API_KEY = "sk_f03aa8f8bbcf79f7aa11c112d904780f22e62add1464e3c41a79600a451eb1d2" payment.py:12
Medium External URL
https://skillpay.me payment.py:11
Dependencies and supply chain
| Package | Version | Source | Known vuln | Notes |
|---|---|---|---|---|
| pandas | >=2.0.0 | pip | No | Version not pinned |
| numpy | >=1.24.0 | pip | No | Version not pinned |
| matplotlib | >=3.7.0 | pip | No | Version not pinned |
| python-dateutil | >=2.8.0 | pip | No | Version not pinned |
File composition
8 files · 1286 lines
Markdown 3 files · 632 linesPython 3 files · 626 linesJSON 1 files · 19 linesText 1 files · 9 lines
Files of concern · 3
scripts/experiment_tracker.py Data Directory in User Home
payment.py Hardcoded API Key Exposed in Source Code · Inconsistent Credential Management · API_KEY = "sk_f03aa8f8bbcf79f7aa11c112d904780f22e62add1464e3c41a79600a451eb1d2" · https://skillpay.me
requirements.txt No Version Pinning in Dependencies
Other files · weekly_reporter.py · SKILL.md · income-methods.md · retrospective-framework.md · _meta.json
Security positives
No shell execution vulnerabilities - no subprocess, os.system, or eval calls found
No credential exfiltration - network requests only go to documented billing endpoint
No suspicious base64 encoding or obfuscation
No access to sensitive system paths like ~/.ssh, ~/.aws, or .env files
No hidden functionality in HTML comments or other stealth channels
No curl|bash or wget|sh remote script execution patterns
Legitimate billing integration properly documented in SKILL.md
Experiment tracking functionality matches declared capabilities