Trust Assessment
eyebot-alphabot received a trust score of 62/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 1 critical, 1 high, 0 medium, and 1 low severity. Key findings include Node lockfile missing, Potential data exfiltration via configurable API endpoint, Skill designed to facilitate remote arbitrary command execution.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Skill designed to facilitate remote arbitrary command execution The `alphabot.sh` script constructs a JSON payload where user-supplied arguments are directly embedded into a `request` field, and the `mode` field is explicitly set to `"exec"`. This design indicates that the skill is intended to send arbitrary commands for execution on a remote API server. While the local script itself is not vulnerable to shell injection, it acts as a direct conduit for remote command injection, posing a critical risk if the remote API is not extremely robust in its validation and execution environment. Re-evaluate the necessity of allowing arbitrary command execution on the remote server. If remote execution is required, the remote API must implement stringent input validation, sanitization, and privilege separation to prevent malicious commands. Consider replacing the generic "exec" mode with specific, parameterized API calls for each supported action to limit the scope of potential attacks. | LLM | scripts/alphabot.sh:14 | |
| HIGH | Potential data exfiltration via configurable API endpoint The `alphabot.sh` script sends user-provided commands to a remote API endpoint defined by the `EYEBOT_API` environment variable. If an attacker can control this environment variable, they can redirect all commands and their arguments (which may contain sensitive data like wallet addresses or specific queries) to an arbitrary server, leading to data exfiltration. Ensure the `EYEBOT_API` environment variable is securely managed and cannot be easily manipulated by untrusted users or processes. If the skill is deployed in an environment where `EYEBOT_API` could be controlled by an attacker, consider hardcoding the API endpoint or validating it against a strict whitelist. | LLM | scripts/alphabot.sh:16 | |
| LOW | Node lockfile missing package.json is present but no lockfile was found (package-lock.json, pnpm-lock.yaml, or yarn.lock). Commit a lockfile for deterministic dependency resolution. | Dependencies | skills/eyebots/eyebot-alphabot/package.json |
Scan History
Embed Code
[](https://skillshield.io/report/bf3bc4d48c0eaff8)
Powered by SkillShield