Trust Assessment
blockchain_attestation received a trust score of 79/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 3 findings: 0 critical, 1 high, 1 medium, and 0 low severity. Key findings include Unpinned npm dependency version, Path Traversal Vulnerability in File Operations, Unpinned Dependencies in package.json.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Path Traversal Vulnerability in File Operations The skill allows user-controlled file paths for `--output-file`, `--save`, and `--offchain-file` arguments without proper sanitization. An attacker could provide paths containing `../` sequences or absolute paths to read from or write to arbitrary locations on the file system outside the intended skill directory. This could lead to unauthorized file modification, data exfiltration, or denial of service. Sanitize all user-provided file paths to ensure they are resolved within a designated, secure subdirectory. Use `path.resolve()` with a base directory and then verify that the resolved path remains within that base directory. For example: ```javascript const baseDir = path.resolve(__dirname, 'data'); // Or a more appropriate base const userPath = options.outputFile; const resolvedPath = path.resolve(baseDir, userPath); // Ensure the resolved path is still within the base directory if (!resolvedPath.startsWith(baseDir + path.sep) && resolvedPath !== baseDir) { throw new Error('Path traversal attempt detected.'); } // Use resolvedPath for fs operations ``` Apply this sanitization to all file path arguments: `--output-file`, `--save`, and `--offchain-file`. | LLM | attest.mjs:308 | |
| MEDIUM | Unpinned npm dependency version Dependency '@ethereum-attestation-service/eas-sdk' is not pinned to an exact version ('^2.9.0'). Pin dependencies to exact versions to reduce drift and supply-chain risk. | Dependencies | skills/dbhurley/blockchain-attestation/package.json | |
| INFO | Unpinned Dependencies in package.json The `package.json` file uses caret (`^`) ranges for dependencies (`@ethereum-attestation-service/eas-sdk`, `commander`, `ethers`). While `package-lock.json` pins exact versions, using caret ranges in `package.json` means that future `npm install` operations (especially without a lockfile or after `npm update`) could pull in newer, potentially incompatible or vulnerable versions of these packages without explicit review. This introduces a minor supply chain risk. Consider pinning dependencies to exact versions (e.g., `"ethers": "6.13.4"`) to ensure deterministic builds and prevent unexpected updates. Alternatively, regularly audit dependencies for known vulnerabilities and ensure `package-lock.json` is always committed and used. | LLM | package.json:10 |
Scan History
Embed Code
[](https://skillshield.io/report/a6aa0b9df766295c)
Powered by SkillShield