Trust Assessment
beacon received a trust score of 10/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 16 findings: 4 critical, 1 high, 8 medium, and 2 low severity. Key findings include Arbitrary command execution, Unsafe deserialization / dynamic eval, Missing required field: name.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The Manifest Analysis layer scored lowest at 3/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings16
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Arbitrary command execution Node.js child_process require Review all shell execution calls. Ensure commands are static (not built from user input), use absolute paths, and are strictly necessary. Prefer library APIs over shell commands. | Manifest | skills/scottcjn/beacon/bin/beacon.js:9 | |
| CRITICAL | Arbitrary command execution Node.js synchronous shell execution Review all shell execution calls. Ensure commands are static (not built from user input), use absolute paths, and are strictly necessary. Prefer library APIs over shell commands. | Manifest | skills/scottcjn/beacon/bin/beacon.js:41 | |
| CRITICAL | Arbitrary command execution Node.js synchronous shell execution Review all shell execution calls. Ensure commands are static (not built from user input), use absolute paths, and are strictly necessary. Prefer library APIs over shell commands. | Manifest | skills/scottcjn/beacon/bin/beacon.js:92 | |
| CRITICAL | Disabled SSL Verification for RustChain Client The `RustChainClient` is initialized with `verify_ssl=False` by default. This disables SSL certificate verification for connections to the RustChain API. This makes the client vulnerable to Man-in-the-Middle (MITM) attacks, where an attacker could intercept, read, or modify sensitive transaction data and credentials without detection. Given that RustChain handles cryptocurrency transactions, this is a critical security vulnerability. Set `verify_ssl=True` by default and ensure it cannot be easily overridden to `False` in production environments. If self-signed certificates are used, provide a mechanism to specify trusted CA certificates rather than disabling verification entirely. | LLM | beacon_skill/transports/rustchain.py:59 | |
| HIGH | Plaintext Storage of API Keys and Private Keys The skill stores API keys (for BoTTube, Moltbook) and RustChain private keys in plain text within `~/.beacon/config.json`. While `os.chmod(path, 0o600)` attempts to restrict file permissions on POSIX systems, this method of storage is inherently insecure on systems where file permissions can be bypassed or if the local system is compromised. An attacker gaining local access could easily retrieve these sensitive credentials. Consider using a secure credential store (e.g., OS keyring, environment variables for API keys, or prompting for private keys at runtime for sensitive operations) instead of plain text files. If file storage is unavoidable, ensure strong encryption at rest. | LLM | beacon_skill/config.py:34 | |
| MEDIUM | Unsafe deserialization / dynamic eval Decryption followed by code execution Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/scottcjn/beacon/bin/beacon.js:75 | |
| MEDIUM | Missing required field: name The 'name' field is required for claude_code skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | skills/scottcjn/beacon/SKILL.md:1 | |
| MEDIUM | Suspicious import: requests Import of 'requests' detected. This module provides network or low-level system access. Verify this import is necessary. Network and system modules in skill code may indicate data exfiltration. | Static | skills/scottcjn/beacon/beacon_skill/transports/bottube.py:4 | |
| MEDIUM | Suspicious import: requests Import of 'requests' detected. This module provides network or low-level system access. Verify this import is necessary. Network and system modules in skill code may indicate data exfiltration. | Static | skills/scottcjn/beacon/beacon_skill/transports/moltbook.py:4 | |
| MEDIUM | Suspicious import: requests Import of 'requests' detected. This module provides network or low-level system access. Verify this import is necessary. Network and system modules in skill code may indicate data exfiltration. | Static | skills/scottcjn/beacon/beacon_skill/transports/rustchain.py:7 | |
| MEDIUM | Suspicious import: socket Import of 'socket' detected. This module provides network or low-level system access. Verify this import is necessary. Network and system modules in skill code may indicate data exfiltration. | Static | skills/scottcjn/beacon/beacon_skill/transports/udp.py:1 | |
| MEDIUM | Unpinned Python dependency version Dependency 'requests>=2.25' is not pinned to an exact version. Pin Python dependencies with exact versions where feasible. | Dependencies | skills/scottcjn/beacon/pyproject.toml | |
| MEDIUM | Information Disclosure via RustChain Transaction Memo The `memo` field in RustChain transactions is user-controlled and included in the signed transaction data, which is then broadcast to the blockchain. Any information placed in this `memo` field will become a permanent, publicly visible record. Users might inadvertently include sensitive or private information in this field, leading to unintended information disclosure. Add a clear warning in the CLI or documentation advising users not to include sensitive information in the `memo` field, as it will be publicly recorded on the blockchain. | LLM | beacon_skill/transports/rustchain.py:100 | |
| LOW | Node lockfile missing package.json is present but no lockfile was found (package-lock.json, pnpm-lock.yaml, or yarn.lock). Commit a lockfile for deterministic dependency resolution. | Dependencies | skills/scottcjn/beacon/package.json | |
| LOW | Unpinned Python Dependencies The Python dependencies `requests` and `cryptography` are specified with minimum versions (`requests>=2.25`, `cryptography>=41`) rather than exact versions in `pyproject.toml` and `bin/beacon.js`. This introduces a supply chain risk, as future versions of these libraries could introduce breaking changes, vulnerabilities, or malicious code without explicit review. Pin dependencies to exact versions (e.g., `requests==2.28.1`, `cryptography==41.0.3`) using a `requirements.txt` or `poetry.lock` file, and update them regularly after security review. | LLM | pyproject.toml:12 | |
| INFO | Storage of Untrusted UDP Message Content The `cmd_udp_listen` function writes the raw text content of received UDP messages directly to `~/.beacon/inbox.jsonl`. This text (`msg.text`) originates from untrusted network sources. While the skill itself does not execute this content, storing arbitrary untrusted data locally could pose a risk if other applications or agents later read and process this file without proper sanitization or validation, potentially leading to command injection or other vulnerabilities in those downstream systems. Implement strict sanitization or validation of `msg.text` before writing it to `inbox.jsonl`, especially if it's intended for display or further processing by other tools. Consider if storing the raw, untrusted text is truly necessary, or if only parsed, validated data should be retained. | LLM | beacon_skill/cli.py:307 |
Scan History
Embed Code
[](https://skillshield.io/report/5d406ec67fdb1338)
Powered by SkillShield