Trust Assessment
btc15-prediction-market received a trust score of 55/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 5 findings: 0 critical, 3 high, 1 medium, and 1 low severity. Key findings include "Missing required field: name", "Node lockfile missing", and "Unpinned Python Dependencies".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 12, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (5)

| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Unpinned Python Dependencies.** The skill's installation instructions specify Python dependencies (`web3`, `python-dotenv`, `requests`) without pinning their versions. This allows `pip` to install the latest available version, which could introduce breaking changes, vulnerabilities, or even malicious code if a package maintainer's account is compromised or a malicious version is published. This is a significant supply chain risk. Pin all Python dependencies to specific versions (e.g., `web3==6.11.1 python-dotenv==1.0.0 requests==2.31.0`) to ensure deterministic builds and prevent unexpected or malicious updates. Consider using a `requirements.txt` file with pinned versions. | LLM | SKILL.md:49 |
| HIGH | **External Repository Dependency.** The skill relies on cloning an external GitHub repository (`https://github.com/kamal-sutra/clawbtc15.git`) as a core component. This introduces a direct supply chain risk, as the integrity and security of the entire skill depend on this third-party repository. If the external repository is compromised or becomes malicious, the skill will be compromised. For critical dependencies, consider vendoring the code directly into the skill's repository or, at minimum, pin the `git clone` operation to a specific commit hash to prevent unexpected changes. Regularly audit the external repository for security vulnerabilities. | LLM | SKILL.md:46 |
| HIGH | **Handling of Sensitive Private Keys.** The skill requires the user to provide highly sensitive private keys (`MAKER_KEY`, `TRADER_KEY`, `RESOLVER_KEY`) by placing them directly into a `.env` file. These keys grant full control over the associated blockchain accounts and funds. While `python-dotenv` is used for loading, the agent code that processes and uses these keys is not provided in the context. The presence of the `requests` library as a dependency raises concerns about potential credential exfiltration if the agent code is malicious or vulnerable. Without visibility into the agent's source code, there is a significant risk of these keys being mishandled or exfiltrated. Implement robust secure credential management practices. If possible, avoid direct handling of raw private keys. Consider using hardware security modules (HSMs), secure enclaves, or multi-party computation (MPC) solutions for key management. Thoroughly audit the agent code (`maker_agent.py`, etc.) to ensure private keys are used only for their intended purpose and are not transmitted or logged insecurely. Ensure network requests are only made to trusted endpoints. | LLM | SKILL.md:56 |
| MEDIUM | **Missing required field: name.** The `name` field is required for claude_code skills but is missing from the frontmatter. Add a `name` field to the SKILL.md frontmatter. | Static | skills/kamal-sutra/btc15-prediction-market/SKILL.md:1 |
| LOW | **Node lockfile missing.** `package.json` is present but no lockfile was found (`package-lock.json`, `pnpm-lock.yaml`, or `yarn.lock`). Commit a lockfile for deterministic dependency resolution. | Dependencies | skills/kamal-sutra/btc15-prediction-market/package.json |
Full report: https://skillshield.io/report/17ff01839c99db92