Trust Assessment
basecred-8004-registration received a trust score of 58/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 7 findings: 3 critical, 2 high, 2 medium, and 0 low severity. Key findings include Unpinned npm dependency version, Direct Access to Private Key Environment Variable, Direct Access to Pinata JWT Environment Variable.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 0/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings7
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Direct Access to Private Key Environment Variable The skill explicitly accesses the `PRIVATE_KEY`, `AGENT_PRIVATE_KEY`, or `MAIN_WALLET_PRIVATE_KEY` environment variables in `feedback.mjs`, `register.mjs`, and `update.mjs`. While necessary for on-chain transaction signing, this direct access to a highly sensitive credential makes the skill a critical target for credential harvesting if compromised or manipulated. The `SKILL.md` also explicitly states that the wallet address is derived from the private key in `.env`. Ensure the environment where the skill runs is highly secured. Implement strict access controls for the `.env` file and environment variables. Consider using external signing services or hardware security modules if the agent's operational environment allows for it, to minimize direct exposure of the private key to the skill's runtime. | LLM | scripts/feedback.mjs:23 | |
| CRITICAL | Direct Access to Private Key Environment Variable The skill explicitly accesses the `PRIVATE_KEY`, `AGENT_PRIVATE_KEY`, or `MAIN_WALLET_PRIVATE_KEY` environment variables in `feedback.mjs`, `register.mjs`, and `update.mjs`. While necessary for on-chain transaction signing, this direct access to a highly sensitive credential makes the skill a critical target for credential harvesting if compromised or manipulated. The `SKILL.md` also explicitly states that the wallet address is derived from the private key in `.env`. Ensure the environment where the skill runs is highly secured. Implement strict access controls for the `.env` file and environment variables. Consider using external signing services or hardware security modules if the agent's operational environment allows for it, to minimize direct exposure of the private key to the skill's runtime. | LLM | scripts/register.mjs:190 | |
| CRITICAL | Direct Access to Private Key Environment Variable The skill explicitly accesses the `PRIVATE_KEY`, `AGENT_PRIVATE_KEY`, or `MAIN_WALLET_PRIVATE_KEY` environment variables in `feedback.mjs`, `register.mjs`, and `update.mjs`. While necessary for on-chain transaction signing, this direct access to a highly sensitive credential makes the skill a critical target for credential harvesting if compromised or manipulated. The `SKILL.md` also explicitly states that the wallet address is derived from the private key in `.env`. Ensure the environment where the skill runs is highly secured. Implement strict access controls for the `.env` file and environment variables. Consider using external signing services or hardware security modules if the agent's operational environment allows for it, to minimize direct exposure of the private key to the skill's runtime. | LLM | scripts/update.mjs:22 | |
| HIGH | Direct Access to Pinata JWT Environment Variable The `register.mjs` and `update.mjs` scripts explicitly access the `PINATA_JWT` environment variable for IPFS storage. This is a sensitive credential that, if compromised, could allow unauthorized access to the associated Pinata account. The `SKILL.md` also mentions `PINATA_JWT` as an optional environment variable. Ensure the environment where the skill runs is highly secured. Implement strict access controls for the `.env` file and environment variables. If possible, use short-lived tokens or more granular permissions for API keys. | LLM | scripts/register.mjs:234 | |
| HIGH | Direct Access to Pinata JWT Environment Variable The `register.mjs` and `update.mjs` scripts explicitly access the `PINATA_JWT` environment variable for IPFS storage. This is a sensitive credential that, if compromised, could allow unauthorized access to the associated Pinata account. The `SKILL.md` also mentions `PINATA_JWT` as an optional environment variable. Ensure the environment where the skill runs is highly secured. Implement strict access controls for the `.env` file and environment variables. If possible, use short-lived tokens or more granular permissions for API keys. | LLM | scripts/update.mjs:78 | |
| MEDIUM | Unpinned npm dependency version Dependency 'agent0-sdk' is not pinned to an exact version ('^1.5.2'). Pin dependencies to exact versions to reduce drift and supply-chain risk. | Dependencies | skills/callmedas69/basecred-8004-registration/package.json | |
| MEDIUM | Unpinned Dependency in package.json The `package.json` file specifies `agent0-sdk` with a caret (`^1.5.2`), allowing minor version updates. While `scripts/setup.sh` explicitly installs `agent0-sdk@1.5.2`, subsequent `npm install` commands (if `package-lock.json` is not present or ignored) could pull in newer, potentially vulnerable versions without explicit review. This introduces a supply chain risk. Pin the dependency to an exact version (e.g., `"agent0-sdk": "1.5.2"`) in `package.json` to ensure consistent and predictable dependency resolution. Regularly review and update dependencies to their latest secure versions. | LLM | package.json:20 |
Scan History
Embed Code
[](https://skillshield.io/report/efadda9f625b8ae2)
Powered by SkillShield