Trust Assessment
8004-mcp received a trust score of 58/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 4 findings: 1 critical, 2 high, 1 medium, and 0 low severity. Key findings include "Missing required field: name", "Unpinned Dependency in Quick Start Command", and "Master Password Handling for Wallet Store".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 40/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (4)
| Severity | Finding | Details | Layer | Location |
|---|---|---|---|---|
| CRITICAL | Private Key Import Capability | The skill provides a `wallet_import` tool that allows importing private keys. This is an extremely sensitive operation. If an LLM agent is prompted to use this tool, it could be tricked into importing a malicious private key or, if compromised, revealing a private key it might have access to, leading to complete compromise of associated funds. Restrict access to the `wallet_import` tool to highly privileged contexts only. Implement strong authentication and authorization checks before allowing its use. Avoid exposing such a critical tool directly to an LLM agent without robust human-in-the-loop verification or a secure, isolated execution environment. | LLM | skill.md:380 |
| HIGH | Unpinned Dependency in Quick Start Command | The 'Quick Start' section uses 'npx @quantulabs/8004-mcp' without specifying a version. This can lead to supply chain vulnerabilities, as the latest version of the package will always be fetched. If the package maintainer's account is compromised or a malicious update is published, it could result in arbitrary code execution. Pin the dependency to a specific version, e.g., 'npx @quantulabs/8004-mcp@1.2.3', to ensure deterministic and secure execution. | LLM | skill.md:109 |
| HIGH | Master Password Handling for Wallet Store | The skill exposes tools (`wallet_store_init`, `wallet_store_unlock`) that explicitly require a master password as a direct argument. An LLM agent, if susceptible to prompt injection, could be manipulated into logging, storing, or transmitting this sensitive password, compromising the entire encrypted wallet store. Implement strict input validation and sanitization for sensitive arguments. Ensure the LLM's execution environment prevents logging or transmitting sensitive data. Consider using a secure credential management system or environment variables for such secrets, rather than direct arguments in tool calls. | LLM | skill.md:20 |
| MEDIUM | Missing required field: name | The 'name' field is required for claude_code skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | skills/montecrypto999/8004-mcp/skill.md:1 |