Trust Assessment
crypto-agent-payments received a trust score of 58/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 4 findings: 1 critical, 1 high, 2 medium, and 0 low severity. Key findings include Missing required field: name, Private Key Exposure via Command Line Arguments, Private Key Storage in .env File.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 48/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings4
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Private Key Exposure via Command Line Arguments The skill documentation explicitly instructs users to pass the `PRIVATE_KEY` directly in the command line as an environment variable (e.g., `PRIVATE_KEY=0x... mcporter call`). This practice is highly insecure as environment variables passed this way are often visible in process lists (`ps aux`), shell history, and system logs, leading to the compromise of the private key. An attacker with local access or access to system logs could easily extract the key. Instruct users to load private keys from secure sources (e.g., a dedicated secrets manager, encrypted file, or secure prompt) that do not expose the key in plain text in command line arguments or environment variables visible to other processes. The `mcporter` tool or the underlying `mcp-server` should be designed to accept secrets via secure channels, such as standard input or a dedicated configuration file with strict permissions. | LLM | SKILL.md:100 | |
| HIGH | Private Key Storage in .env File The `setup_wallet` tool is documented to 'save PRIVATE_KEY to .env'. Storing sensitive credentials like private keys in a `.env` file is a significant security risk. While common in development, `.env` files can be accidentally committed to version control, exposed by misconfigured servers, or accessed by other processes on the same system if file permissions are not strictly controlled. This increases the attack surface for private key compromise. Avoid storing private keys directly in `.env` files, especially for production or sensitive operations. Instead, recommend using a dedicated secrets management solution (e.g., AWS Secrets Manager, HashiCorp Vault, Kubernetes Secrets), environment variables loaded securely at runtime, or a secure, encrypted local key store. If a file must be used, it should be encrypted and have very strict file system permissions. | LLM | SKILL.md:50 | |
| MEDIUM | Missing required field: name The 'name' field is required for claude_code skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | skills/nicofains1/crypto-agent-payments/SKILL.md:1 | |
| MEDIUM | Unpinned Dependency in Setup Instructions The setup instructions use `npx -y @onlyswaps/mcp-server@latest stdio`. Relying on the `@latest` tag for a dependency means that any new version of the `mcp-server` package will be automatically downloaded and executed without explicit review. This introduces a supply chain risk, as a malicious update to the package could be introduced by the maintainers or through a compromise of their build/publish pipeline, potentially leading to arbitrary code execution or data exfiltration on the host system. Pin the dependency to a specific, immutable version (e.g., `npx -y @onlyswaps/mcp-server@1.2.3 stdio`) to ensure deterministic builds and prevent unexpected or malicious updates. Regularly review and manually update to newer versions after verifying their integrity and security. Consider using a lock file mechanism if available for `npx` or the underlying package manager. | LLM | SKILL.md:28 |
Scan History
Embed Code
[](https://skillshield.io/report/a5cfe4cde7e5abab)
Powered by SkillShield