Trust Assessment
agent-backlink-network received a trust score of 55/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 5 findings: 1 critical, 0 high, 3 medium, and 1 low severity. Key findings include Unpinned npm dependency version, Node lockfile missing, Generated Private Key Printed to Standard Output.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 56/100, indicating areas for improvement.
Last analyzed on February 12, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings5
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Generated Private Key Printed to Standard Output The `src/keygen.js` script, intended for generating Nostr keypairs, prints the sensitive `nsec` (private key) directly to standard output. While the script includes a warning ("KEEP SECRET!"), printing it to stdout makes it highly susceptible to accidental logging, terminal history capture, or interception by an AI agent's output processing mechanisms. This constitutes a direct and critical leak of credentials. Modify `src/keygen.js` to avoid printing the `nsec` to standard output. Instead, prompt the user to confirm saving it directly to a secure file (e.g., `.secrets/nostr.json`) or to an environment variable, without displaying the key itself. If displaying is absolutely necessary for user confirmation, implement a temporary display with a clear warning and a mechanism to clear the screen or redact the output immediately after confirmation. | LLM | src/keygen.js:13 | |
| MEDIUM | Unpinned npm dependency version Dependency 'nostr-tools' is not pinned to an exact version ('^2.10.4'). Pin dependencies to exact versions to reduce drift and supply-chain risk. | Dependencies | skills/tylerhuff/abn-skill/package.json | |
| MEDIUM | Unpinned Dependencies in package.json The `package.json` file specifies dependencies (`nostr-tools`, `puppeteer`) using caret (`^`) ranges (e.g., `^2.10.4`). This allows for automatic updates to minor or patch versions. While convenient, it introduces a supply chain risk as a malicious update in a future version of these dependencies could be automatically pulled in, potentially introducing vulnerabilities or backdoors without explicit review. Pin exact versions for all dependencies (e.g., `2.10.4` instead of `^2.10.4`). Regularly audit and manually update dependencies after reviewing their changelogs for security implications. Ensure a `package-lock.json` file is generated and committed to guarantee consistent dependency versions across environments. | LLM | package.json:35 | |
| MEDIUM | Regex-based HTML Parsing of Untrusted Content The `src/verify.js` module fetches HTML content from a user-controlled `pageUrl` and then uses regular expressions (`extractLinks` function) to parse this HTML. Parsing untrusted, potentially malicious, or extremely large HTML content with regex is prone to Regular Expression Denial of Service (ReDoS) attacks. A specially crafted HTML input could cause the regex engine to consume excessive CPU resources, leading to a denial of service for the skill or the host system. Additionally, regex is generally fragile for parsing complex structures like HTML, which could lead to unexpected behavior or missed security checks. Replace regex-based HTML parsing with a robust, well-tested HTML parsing library (e.g., `cheerio`, `jsdom`). These libraries are designed to handle malformed HTML gracefully and are generally more resilient to parsing-related vulnerabilities like ReDoS. Additionally, implement input validation for `pageUrl` to ensure it adheres to expected URL formats (e.g., `http://` or `https://`). | LLM | src/verify.js:60 | |
| LOW | Node lockfile missing package.json is present but no lockfile was found (package-lock.json, pnpm-lock.yaml, or yarn.lock). Commit a lockfile for deterministic dependency resolution. | Dependencies | skills/tylerhuff/abn-skill/package.json |
Scan History
Embed Code
[](https://skillshield.io/report/13212b0f4ae50d0a)
Powered by SkillShield