Trust Assessment
emoji-voter received a trust score of 70/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 5 findings: 0 critical, 1 high, 2 medium, and 2 low severity. Key findings include Unpinned npm dependency version, Node lockfile missing, Direct use of EVM_PRIVATE_KEY from environment variables.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (5)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Direct use of EVM_PRIVATE_KEY from environment variables: the skill directly loads and uses `EVM_PRIVATE_KEY` from environment variables, which grants it full control over the associated EVM wallet. While this is necessary for its intended function (on-chain payments and signing), it makes the skill a high-value target for attackers. If the skill's code or its execution environment is compromised, the private key could be exfiltrated or misused. The `dotenv` configuration also loads from the current working directory (`config();`), which could allow an attacker to override sensitive environment variables if they can control the execution context. Consider using a more secure method for handling private keys, such as a hardware security module (HSM), a secure vault service, or requiring explicit user confirmation for each transaction. If environment variables are necessary, ensure the execution environment is highly secured and restrict `dotenv` loading to known, trusted paths only (e.g., remove `config();`, which loads from the CWD). | LLM | scripts/vote-and-post.mjs:20 |
| MEDIUM | Unpinned npm dependency version: dependency `@x402/fetch` is not pinned to an exact version (`^2.3.0`). Pin dependencies to exact versions to reduce drift and supply-chain risk. | Dependencies | skills/bill-makes/emoji-today/scripts/package.json |
| MEDIUM | Skill allows arbitrary `mint-to` address for NFT minting: the `mint` subcommand allows specifying an arbitrary `--mint-to` address via command-line arguments. This means an agent using this skill could be prompted by a malicious actor to mint an NFT to an attacker's wallet, leading to unintended asset transfer. While this is a feature of the skill, it represents a high-risk permission that could be exploited through prompt injection against the agent. Implement additional safeguards for sensitive operations like NFT minting to arbitrary addresses. This could include requiring explicit user confirmation for non-default `mint-to` addresses, or restricting `mint-to` addresses to a pre-approved list or to addresses associated with the user's Farcaster ID. | LLM | scripts/vote-and-post.mjs:100 |
| LOW | Node lockfile missing: `package.json` is present but no lockfile was found (`package-lock.json`, `pnpm-lock.yaml`, or `yarn.lock`). Commit a lockfile for deterministic dependency resolution. | Dependencies | skills/bill-makes/emoji-today/scripts/package.json |
| LOW | Dependencies use caret (`^`) version ranges: the `package.json` file uses caret (`^`) version ranges for its dependencies (e.g., `viem: "^2.0.0"`). This allows minor and patch updates to be installed automatically. While common, for a skill handling sensitive private keys and on-chain transactions, exact version pinning (e.g., `viem: "2.0.0"`) is a more secure practice that prevents unexpected behavior or the introduction of vulnerabilities through malicious updates in minor versions of dependencies. Pin all dependencies to exact versions to ensure deterministic builds and prevent unexpected changes from upstream packages. Regularly audit and manually update dependencies. | LLM | scripts/package.json:6 |
Full report: https://skillshield.io/report/7222f994831a68f0
Powered by SkillShield