Trust Assessment
chaos-singularity received a trust score of 10/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 10 findings: 4 critical, 5 high, 1 medium and 0 low severity. The key findings are arbitrary command execution, dangerous calls to subprocess.run(), and automated cryptocurrency transactions. Note that the four critical (Manifest) findings and four of the five high (Static) findings are the same four subprocess.run() call sites reported by two layers, at chaos_casino.py lines 25 and 46 and singularity_burst.py lines 17 and 39; the LLM layer is the one that identifies what those calls actually do, namely invoke `npx moltlaunch swap`, which spends funds from the user's wallet.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, and LLM Behavioral Safety. The Manifest Analysis layer scored lowest at 0/100; it is the layer that raised all four critical findings.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (10)
| Severity | Finding | Details | Recommendation | Layer | Location |
|---|---|---|---|---|---|
| CRITICAL | Arbitrary command execution | Python shell execution (os.system, subprocess) | Review all shell execution calls. Ensure commands are static (not built from user input), use absolute paths, and are strictly necessary. Prefer library APIs over shell commands. | Manifest | skills/davidmosiah/chaos-singularity-skill/scripts/chaos_casino.py:25 |
| CRITICAL | Arbitrary command execution | Python shell execution (os.system, subprocess) | Review all shell execution calls. Ensure commands are static (not built from user input), use absolute paths, and are strictly necessary. Prefer library APIs over shell commands. | Manifest | skills/davidmosiah/chaos-singularity-skill/scripts/chaos_casino.py:46 |
| CRITICAL | Arbitrary command execution | Python shell execution (os.system, subprocess) | Review all shell execution calls. Ensure commands are static (not built from user input), use absolute paths, and are strictly necessary. Prefer library APIs over shell commands. | Manifest | skills/davidmosiah/chaos-singularity-skill/scripts/singularity_burst.py:17 |
| CRITICAL | Arbitrary command execution | Python shell execution (os.system, subprocess) | Review all shell execution calls. Ensure commands are static (not built from user input), use absolute paths, and are strictly necessary. Prefer library APIs over shell commands. | Manifest | skills/davidmosiah/chaos-singularity-skill/scripts/singularity_burst.py:39 |
| HIGH | Dangerous call: subprocess.run() | Call to 'subprocess.run()' detected in function 'get_recent_feed'. This can execute arbitrary code. | Avoid using dangerous functions like exec/eval/os.system. Use safer alternatives. | Static | skills/davidmosiah/chaos-singularity-skill/scripts/chaos_casino.py:25 |
| HIGH | Dangerous call: subprocess.run() | Call to 'subprocess.run()' detected in function 'trigger_jackpot'. This can execute arbitrary code. | Avoid using dangerous functions like exec/eval/os.system. Use safer alternatives. | Static | skills/davidmosiah/chaos-singularity-skill/scripts/chaos_casino.py:46 |
| HIGH | Dangerous call: subprocess.run() | Call to 'subprocess.run()' detected in function 'run_swap'. This can execute arbitrary code. | Avoid using dangerous functions like exec/eval/os.system. Use safer alternatives. | Static | skills/davidmosiah/chaos-singularity-skill/scripts/singularity_burst.py:17 |
| HIGH | Dangerous call: subprocess.run() | Call to 'subprocess.run()' detected in function 'get_new_tokens'. This can execute arbitrary code. | Avoid using dangerous functions like exec/eval/os.system. Use safer alternatives. | Static | skills/davidmosiah/chaos-singularity-skill/scripts/singularity_burst.py:39 |
| HIGH | Automated Cryptocurrency Transactions | The skill uses `subprocess.run` to execute `npx moltlaunch swap` commands, which initiate cryptocurrency buy transactions. This grants the skill the ability to spend funds from the user's configured wallet without explicit, per-transaction user confirmation. While this is the intended automation, it represents a high-impact permission that could lead to significant financial loss if the skill is misused or compromised. | Implement a confirmation step for each transaction or a daily/session spending limit. Ensure the `moltlaunch` CLI is configured with appropriate security measures (e.g., password protection, hardware wallet integration). Clearly document the financial risks to the user. | LLM | scripts/chaos_casino.py, scripts/singularity_burst.py:40 |
| MEDIUM | Unpinned `moltlaunch` CLI Dependency | The skill relies on the `moltlaunch` CLI tool, which is executed via `npx`. The version of `moltlaunch` is not pinned, meaning `npx` will fetch the latest available version. This introduces a supply chain risk, as a malicious update to the `moltlaunch` package could introduce vulnerabilities or backdoors that the skill would then execute. | Specify a fixed version for the `moltlaunch` CLI dependency (e.g., `npx moltlaunch@1.2.3`) or provide instructions for users to install a specific version globally. | LLM | SKILL.md:59 |
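The remediation advice in the table (static list-form arguments, an absolute interpreter path, a pinned `moltlaunch` version, per-transaction confirmation and a session spending limit) combined into one wrapper, as an added example that is not the chaos-singularity skill's own code. Assumed rather than taken from the scan: the `swap --token X --amount N` argument shape of the moltlaunch CLI, the `1.2.3` version (the finding's own placeholder; pin the version you actually audited), and the confirmation callback, which stands in for whatever prompt the skill presents. The `demo()` walkthrough uses a constructed fake runner so it never spawns npx.

```python
# Added example (not the skill's code): hardened wrapper for a skill that
# shells out to `npx moltlaunch swap`. Hypothetical: CLI flags, version pin,
# confirmation hook.
import re
import shutil
import subprocess
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional

MOLTLAUNCH_VERSION = "1.2.3"  # placeholder from the finding; pin the audited version
# Allowlist for token identifiers placed on the command line (assumed format).
# Rejects spaces, shell metacharacters and a leading dash that the CLI could
# parse as an extra flag.
TOKEN_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9_-]{2,63}$")


class SwapRefused(Exception):
    """Raised when validation, policy or the user blocks a transaction."""


@dataclass
class SwapPolicy:
    per_tx_limit: float               # maximum spend for one swap
    session_limit: float              # cumulative cap for this process lifetime
    confirm: Callable[[str], bool]    # per-transaction confirmation hook
    spent: float = 0.0


class SwapClient:
    def __init__(self, policy: SwapPolicy, runner=subprocess.run,
                 npx_path: Optional[str] = None):
        self.policy = policy
        self.runner = runner  # injectable so tests never spawn a real process
        # Resolve the binary to an absolute path once instead of letting every
        # call search PATH (the finding asks for absolute paths).
        self.npx_path = npx_path or shutil.which("npx")

    def build_argv(self, token: str, amount: float) -> List[str]:
        """List-form argv: no shell=True, no string interpolation of input."""
        if self.npx_path is None:
            raise SwapRefused("npx not found; refusing to guess a path")
        if not TOKEN_RE.fullmatch(token):
            raise SwapRefused(f"token {token!r} fails allowlist")
        if not amount > 0:
            raise SwapRefused("amount must be positive")
        return [
            self.npx_path, "--yes", f"moltlaunch@{MOLTLAUNCH_VERSION}",  # pinned
            "swap", "--token", token, "--amount", f"{amount:.6f}",
        ]

    def swap(self, token: str, amount: float) -> subprocess.CompletedProcess:
        argv = self.build_argv(token, amount)
        p = self.policy
        if amount > p.per_tx_limit:
            raise SwapRefused(f"{amount} exceeds per-transaction limit {p.per_tx_limit}")
        if p.spent + amount > p.session_limit:
            raise SwapRefused(f"session limit {p.session_limit} would be exceeded")
        if not p.confirm(" ".join(argv)):
            raise SwapRefused("user declined")
        result = self.runner(argv, check=True, capture_output=True,
                             text=True, timeout=120)
        p.spent += amount  # count funds only after the CLI returned success
        return result


def demo() -> Dict[str, object]:
    """Offline walkthrough with a constructed fake runner (never spawns npx)."""
    calls: List[List[str]] = []

    def fake_run(argv, **kwargs):
        calls.append(list(argv))
        return subprocess.CompletedProcess(argv, 0, stdout="swap ok\n", stderr="")

    policy = SwapPolicy(per_tx_limit=0.6, session_limit=1.0, confirm=lambda _: True)
    client = SwapClient(policy, runner=fake_run, npx_path="/usr/bin/npx")
    outcomes: List[str] = []
    # Constructed inputs: a clean token, an injection attempt, a flag-shaped
    # token, a swap that would breach the session cap, and a permitted swap.
    cases = [("MOLT", 0.5), ("MOLT; rm -rf ~", 0.1), ("--help", 0.1),
             ("MOLT", 0.6), ("MOLT", 0.4)]
    for token, amount in cases:
        try:
            client.swap(token, amount)
            outcomes.append("executed")
        except SwapRefused as exc:
            outcomes.append(f"refused: {exc}")
    policy.confirm = lambda _: False  # user declines the next prompt
    try:
        client.swap("MOLT", 0.05)
        outcomes.append("executed")
    except SwapRefused as exc:
        outcomes.append(f"refused: {exc}")
    return {"outcomes": outcomes, "calls": calls, "spent": policy.spent}


if __name__ == "__main__":
    for line in demo()["outcomes"]:
        print(line)
```

Pinning `moltlaunch@1.2.3` closes the "npx fetches latest" gap from the MEDIUM finding, but npx still downloads that version from the registry at run time; if the skill ships a `package.json` with a lockfile and is installed with `npm ci`, the lockfile's integrity hashes also catch a replaced tarball at the pinned version. The session counter lives in process memory, so a skill that is restarted per transaction needs the cap persisted elsewhere.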
Full report: https://skillshield.io/report/e241fb9b4b54863a (powered by SkillShield)