Trust Assessment
chaoschain received a trust score of 53/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 5 findings: 0 critical, 2 high, 3 medium, and 0 low severity. Key findings include Unsafe deserialization / dynamic eval, Unpinned Python dependency version, Skill requires and handles EVM private key for on-chain transactions.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 12, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings5
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Unsafe deserialization / dynamic eval Decryption followed by code execution Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/sumeetchougule/chaoschain/scripts/chaoschain_skill.py:5 | |
| HIGH | Skill requires and handles EVM private key for on-chain transactions The skill explicitly requires the `CHAOSCHAIN_PRIVATE_KEY` environment variable for the `/chaoschain register` command. This private key is used to sign and submit on-chain transactions to the Ethereum Virtual Machine (EVM) compatible networks. While the skill is transparent about this requirement and its purpose, handling a private key within an automated agent's environment introduces a significant security risk. A compromise of the agent's execution environment or a vulnerability within the skill's code could lead to the private key being exposed or misused, potentially resulting in loss of funds or unauthorized actions on the blockchain. Users should be extremely cautious when providing private keys to any automated system. Minimize the use of private keys in automated environments. If necessary, ensure robust isolation, encryption, and access controls for the environment variables. Consider using alternative authentication methods like hardware wallets, multi-sig, or delegated signing services where the private key never leaves a secure enclave. Educate users on the risks associated with providing private keys. | LLM | SKILL.md:109 | |
| MEDIUM | Unpinned Python dependency version Requirement 'web3>=6.0.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'. | Dependencies | skills/sumeetchougule/chaoschain/requirements.txt:4 | |
| MEDIUM | Unpinned Python dependency version Requirement 'eth-account>=0.8.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'. | Dependencies | skills/sumeetchougule/chaoschain/requirements.txt:5 | |
| MEDIUM | Loose dependency version pinning in requirements.txt The `requirements.txt` file uses loose version pinning (`>=`) for `web3` and `eth-account`. This means that future installations could pull in newer, potentially incompatible, or even malicious versions of these libraries if a supply chain attack were to occur (e.g., a compromised package maintainer publishing a malicious update). While these are reputable libraries, exact version pinning (`==`) or at least minor version pinning (`~=`) is a best practice for security and reproducibility. Pin exact versions for all dependencies in `requirements.txt` (e.g., `web3==6.x.x`, `eth-account==0.x.x`). Regularly review and update dependencies to benefit from security patches, but do so in a controlled manner after vetting new versions. | LLM | requirements.txt:4 |
Scan History
Embed Code
[](https://skillshield.io/report/0d8ee4df4e8798d6)
Powered by SkillShield