Trust Assessment
botcoin received a trust score of 61/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 6 findings: 0 critical, 1 high, 3 medium, and 2 low severity. Key findings include: covert behavior / concealment directives; a potential hardcoded secret (high entropy); and the agent handling a cryptographic secret key.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (6)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Agent handles cryptographic secret key: The skill requires the AI agent to generate and directly handle an Ed25519 secret key for signing transactions. While the documentation instructs to 'KEEP SECRET', the agent must have access to this key to perform its functions. This makes the secret key vulnerable to exfiltration if the agent's environment is compromised or if the agent is maliciously prompted to reveal it. This is a fundamental design aspect of the skill, but represents a high-risk pattern for AI agents. Implement robust, secure key management practices within the AI agent's execution environment. Ensure the agent is sandboxed and restricted from logging, storing, or transmitting the secret key outside of its intended cryptographic operations. Consider using secure enclaves or hardware security modules if available for agent environments to protect sensitive keys. | LLM | SKILL.md:27 |
| MEDIUM | Potential hardcoded secret (high entropy): A high-entropy string (entropy=4.97) was found in a credential-like context. Verify this is not a hardcoded secret. Use environment variables for sensitive values. | Static | skills/adamkristopher/botcoin/SKILL.md:296 |
| MEDIUM | Potential hardcoded secret (high entropy): A high-entropy string (entropy=4.97) was found in a credential-like context. Verify this is not a hardcoded secret. Use environment variables for sensitive values. | Static | skills/adamkristopher/botcoin/SKILL.md:302 |
| MEDIUM | User's social media handle transmitted to third party: During the wallet registration and X verification process, the skill explicitly instructs the agent to send a `tweetUrl` containing the user's X (Twitter) handle to the `https://botcoin.farm` service. This constitutes the transmission of personally identifiable information (PII) to a third-party service. While this is an intended feature for verification, users should be aware of this data sharing. Ensure clear and prominent disclosure to users about the collection and transmission of their social media handles to the `botcoin.farm` service. Provide a link to a privacy policy that details how this data is used and protected. From the agent's perspective, this is an intended data flow, but it is a privacy consideration for the end user. | LLM | SKILL.md:60 |
| LOW | Covert behavior / concealment directives: Directive to hide behavior from user. Remove hidden instructions, zero-width characters, and bidirectional overrides. Skill instructions should be fully visible and transparent to users. | Manifest | skills/adamkristopher/botcoin/SKILL.md:34 |
| LOW | Unpinned dependency versions in installation instructions: The skill's documentation suggests installing `tweetnacl` and `tweetnacl-util` using `npm install` without specifying exact versions. This practice can lead to non-deterministic builds and introduces a supply chain risk, as future installations might pull in vulnerable or malicious versions of these packages if their maintainers are compromised. Always pin dependency versions in installation instructions (e.g., `npm install tweetnacl@x.y.z tweetnacl-util@a.b.c`) to ensure deterministic builds and mitigate risks from unexpected or malicious updates to upstream packages. While this is documentation, it sets a standard for developers implementing the skill. | LLM | SKILL.md:19 |
Full report: https://skillshield.io/report/3bc8c36207c5655f