Trust Assessment
agos-marketplace received a trust score of 59/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 4 findings: 0 critical, 2 high, 2 medium, and 0 low severity. Key findings include "Suspicious import: urllib", "Sensitive data sent to arbitrary API base URL in create_listing.py", and "Sensitive data sent to arbitrary API base URL in create_order.py".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (4)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Sensitive data sent to arbitrary API base URL in create_listing.py.** The `create_listing.py` script allows the `--base-url` argument (or `AGOS_API_BASE` environment variable) to be set to an arbitrary URL. When creating a listing, the script constructs a payload containing sensitive information such as `supplier_wallet`, `endpoint` (a callback URL), `name`, `description`, `price_usdt`, and JSON schemas. This payload is then sent via an HTTP POST request to the user-defined `base_url`. An attacker could set this `base_url` to their own server to capture this sensitive user-provided data. Restrict the `--base-url` argument to a whitelist of trusted domains. If arbitrary URLs are necessary, implement strong warnings and require explicit user confirmation for non-whitelisted domains, clearly stating the data that will be sent. | LLM | scripts/create_listing.py:130 |
| HIGH | **Sensitive data sent to arbitrary API base URL in create_order.py.** The `create_order.py` script allows the `--base-url` argument (or `AGOS_API_BASE` environment variable) to be set to an arbitrary URL. The script then performs multiple HTTP requests (listing selection, order creation, payment preparation, status polling) to this user-defined URL. Sensitive information, including `buyer_wallet`, `input_payload` (arbitrary user data), `listing_id`, `purchase_id`, and `payment_preparation` details (e.g., `token_address`, `supplier_wallet`, `amount_atomic`, `payment_router_address`), can be sent to or fetched from this potentially attacker-controlled endpoint, leading to data exfiltration. Restrict the `--base-url` argument to a whitelist of trusted domains. If arbitrary URLs are necessary, implement strong warnings and require explicit user confirmation for non-whitelisted domains, clearly stating the data that will be sent. | LLM | scripts/create_order.py:105 |
| MEDIUM | **Suspicious import: urllib.** Import of 'urllib' detected. This module provides network or low-level system access. Verify this import is necessary. Network and system modules in skill code may indicate data exfiltration. | Static | skills/danielw8088/agos-marketplace/scripts/create_listing.py:11 |
| MEDIUM | **Suspicious import: urllib.** Import of 'urllib' detected. This module provides network or low-level system access. Verify this import is necessary. Network and system modules in skill code may indicate data exfiltration. | Static | skills/danielw8088/agos-marketplace/scripts/create_order.py:12 |