Trust Assessment
bnb-nft received a trust score of 77/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 3 findings: 0 critical, 1 high, 1 medium, and 1 low severity. In order of severity they are: direct handling of private keys for blockchain transactions (high), an unpinned npm dependency version (medium), and fetching external NFT metadata from a potentially untrusted `tokenURI` (low).
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Direct handling of private keys for blockchain transactions.** The `nft.js` script directly accepts and uses a private key (from the `BNB_PRIVATE_KEY` environment variable or the `--key` argument) to sign blockchain transactions. While necessary for its functionality (e.g., `transferNFT`, `approveNFT`, `setApprovalForAll`), this makes the skill a high-value target: a compromise of the skill's execution environment or of the `nft.js` code itself could expose or misuse the private key, resulting in unauthorized access to or loss of funds. Users should be explicitly warned about the risks of providing private keys. Recommend using dedicated signing services (e.g., hardware wallets, secure key management systems) or temporary, funded wallets for specific operations. Developers should ensure the private key is never logged or persisted and should prefer environment variables over command-line arguments, which leak into shell history and process listings. | LLM | nft.js:300 |
| MEDIUM | **Unpinned npm dependency version.** Dependency `ethers` is not pinned to an exact version (`^6.16.0`). Pin dependencies to exact versions to reduce drift and supply-chain risk. | Dependencies | skills/clawzai/bnb-nft/package.json |
| LOW | **Fetches external NFT metadata from potentially untrusted `tokenURI`.** The `getMetadata` function fetches data from the `tokenURI` provided by the NFT contract. If a malicious contract returns a `tokenURI` pointing to an attacker-controlled server, this can be used to track the agent's activity (e.g., which NFTs it queries) or to serve malformed JSON. While the current parsing (`response.json()`) is generally safe, it is an external network call to an arbitrary URL and therefore a dependency on untrusted content. Implement robust error handling and timeouts for external network requests. Consider warning users that `tokenURI` may point to malicious sites. If feasible, implement stricter validation or sanitization of `tokenURI` (e.g., allow-listing domains), though this may be impractical for broad NFT support. | LLM | nft.js:100 |
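The following is an added example, not code from the bnb-nft skill or from `nft.js`, showing one way to address the HIGH and LOW findings above in the skill's own language. It assumes Node 18+ globals (`fetch`, `URL`, `AbortSignal.timeout`, `Buffer`) and needs no ethers import; the function names, size and timeout limits, and the IPFS gateway URL are illustrative assumptions. The key path refuses `--key`, validates the key's shape and returns it without logging; the metadata path resolves `ipfs://` and `data:application/json` URIs, refuses every scheme other than `https:`, applies an optional host allow-list, fetches with a deadline and no redirects, caps the response size and keeps only the metadata fields the skill consumes.

```javascript
// Added example, not code from the bnb-nft skill: hardened versions of the two
// behaviours flagged above (private-key intake and tokenURI metadata fetching).
// Assumes Node 18+ globals (fetch, URL, AbortSignal.timeout, Buffer); function
// names, limits and the IPFS gateway are illustrative assumptions.

const PRIVATE_KEY_RE = /^0x[0-9a-fA-F]{64}$/; // secp256k1 key as 0x-prefixed hex

// HIGH finding: accept the key from the environment only. A --key argument is
// refused outright because argv is visible in shell history and `ps` output.
function loadSigningKey(env = process.env, argv = process.argv) {
  if (argv.some((a) => a === '--key' || a.startsWith('--key='))) {
    throw new Error('--key is not accepted; export BNB_PRIVATE_KEY instead');
  }
  const key = env.BNB_PRIVATE_KEY;
  if (!key) throw new Error('BNB_PRIVATE_KEY is not set');
  if (!PRIVATE_KEY_RE.test(key)) {
    throw new Error('BNB_PRIVATE_KEY must be 0x followed by 64 hex characters');
  }
  return key; // hand straight to the signer; never log, serialise or cache it
}

// The only form of a key that may appear in logs or error messages.
function redactKey(key) {
  return typeof key === 'string' && key.length > 6
    ? `${key.slice(0, 6)}...[redacted]`
    : '[redacted]';
}

const METADATA_TIMEOUT_MS = 5000;
const MAX_METADATA_BYTES = 256 * 1024;
const IPFS_GATEWAY = 'https://ipfs.io/ipfs/'; // assumption: choose and pin your own gateway

// LOW finding: turn a contract-supplied tokenURI into an https URL we are willing
// to fetch. ipfs:// is rewritten to the gateway; every other scheme is refused,
// and the optional host allow-list is applied after the rewrite.
function resolveTokenUri(tokenUri, allowedHosts = null) {
  let uri = String(tokenUri).trim();
  if (uri.startsWith('ipfs://')) {
    uri = IPFS_GATEWAY + uri.slice('ipfs://'.length).replace(/^ipfs\//, '');
  }
  let url;
  try {
    url = new URL(uri);
  } catch {
    throw new Error('tokenURI is not a valid URL');
  }
  if (url.protocol !== 'https:') throw new Error(`tokenURI scheme ${url.protocol} is not allowed`);
  if (url.username || url.password) throw new Error('tokenURI with embedded credentials refused');
  if (allowedHosts && !allowedHosts.includes(url.hostname)) {
    throw new Error(`tokenURI host ${url.hostname} is not allow-listed`);
  }
  return url;
}

// Parse metadata JSON and keep only the fields the skill consumes, bounded in
// size, so arbitrary attacker-controlled structure never reaches the agent.
function parseMetadata(text) {
  let obj;
  try {
    obj = JSON.parse(text);
  } catch {
    throw new Error('metadata is not valid JSON');
  }
  if (obj === null || typeof obj !== 'object' || Array.isArray(obj)) {
    throw new Error('metadata is not a JSON object');
  }
  const out = {};
  for (const k of ['name', 'description', 'image']) {
    if (typeof obj[k] === 'string') out[k] = obj[k].slice(0, 2048);
  }
  out.attributes = Array.isArray(obj.attributes) ? obj.attributes.slice(0, 100) : [];
  return out;
}

// On-chain NFTs often return metadata inline as data:application/json; decode
// it locally instead of treating it as a network target.
function parseDataUri(uri) {
  const m = /^data:application\/json(?:;charset=[^;,]+)?(;base64)?,(.*)$/s.exec(uri);
  if (!m) throw new Error('only data:application/json URIs are accepted');
  const text = m[1] ? Buffer.from(m[2], 'base64').toString('utf8') : decodeURIComponent(m[2]);
  return parseMetadata(text);
}

// Fetch with a deadline, no redirects (a redirect could escape the scheme and
// host checks), a size cap and strict parsing. fetchImpl is injectable so the
// path can be exercised offline.
async function fetchNftMetadata(tokenUri, { fetchImpl = fetch, allowedHosts = null } = {}) {
  const uri = String(tokenUri).trim();
  if (uri.startsWith('data:')) return parseDataUri(uri);
  const url = resolveTokenUri(uri, allowedHosts);
  const res = await fetchImpl(url, {
    signal: AbortSignal.timeout(METADATA_TIMEOUT_MS),
    redirect: 'error',
    headers: { accept: 'application/json' },
  });
  if (!res.ok) throw new Error(`metadata fetch failed: HTTP ${res.status}`);
  const declared = Number(res.headers.get('content-length') ?? 0);
  if (declared > MAX_METADATA_BYTES) throw new Error('metadata response too large');
  const text = await res.text();
  if (text.length > MAX_METADATA_BYTES) throw new Error('metadata response too large');
  return parseMetadata(text);
}
```

Usage: `const key = loadSigningKey();` at startup, passing the result straight into the ethers `Wallet` constructor and using `redactKey(key)` in any diagnostic output, and `await fetchNftMetadata(await contract.tokenURI(id), { allowedHosts: ['ipfs.io'] })` in place of a bare `fetch(tokenURI).then(r => r.json())`. Refusing redirects is deliberate: following them means re-running `resolveTokenUri` on every hop, otherwise an allow-listed host can bounce the agent to an arbitrary one. The MEDIUM finding needs no code: set `"ethers": "6.16.0"` in `package.json` and commit the lockfile.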
Full report: https://skillshield.io/report/72fbeba23d1144fd
Powered by SkillShield