Trust Assessment
ghostbot-aclm received a trust score of 55/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 6 findings: 1 critical, 2 high, 1 medium, and 1 low severity. Key findings include Unpinned npm dependency version, Node lockfile missing, Hardcoded Private Key.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 40/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (6)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | **Hardcoded Private Key**: The `config.mjs` file contains a hardcoded Ethereum private key. This is a severe security vulnerability as it allows anyone with access to the skill package to compromise the associated testnet account. Even for testnet environments, hardcoding private keys is a dangerous practice and should be avoided. Remove the hardcoded private key. Always load private keys from secure environment variables, a secrets management service, or a secure prompt at runtime. Ensure the default value is removed or replaced with a placeholder that prevents execution without a properly configured key. | LLM | scripts/config.mjs:15 |
| HIGH | **Potential Command Injection via User Input**: The `SKILL.md` instructs the LLM to execute `node` scripts with user-provided arguments (e.g., `add-liquidity.mjs`, `post-signal.mjs`). If the LLM constructs the shell command string by directly concatenating user input without proper sanitization or escaping, a malicious user could inject arbitrary shell commands. For example, providing an argument like `1000; rm -rf /` could lead to unintended system compromise. When executing shell commands with user-provided arguments, ensure that all arguments are properly sanitized and escaped to prevent shell metacharacters from being interpreted as commands. Use a robust command execution library or function that handles argument escaping automatically, or explicitly quote and escape each argument. | LLM | SKILL.md:69 |
| HIGH | **Private Key Exposed via Environment Variable**: The skill's scripts (`config.mjs`) are designed to read a private key from the `DEPLOYER_PRIVATE_KEY` environment variable. While this is a common pattern for secrets, it poses a risk if the execution environment is not perfectly isolated or if the skill itself is compromised. A malicious actor could potentially exfiltrate this environment variable, gaining control of the associated blockchain account. This risk is compounded by the presence of a hardcoded default private key. For production or sensitive environments, consider using more secure methods for handling private keys, such as hardware security modules (HSMs), cloud-based secret managers, or secure key vaults, rather than relying solely on environment variables. If environment variables must be used, ensure strict access controls on the execution environment. | LLM | scripts/config.mjs:15 |
| MEDIUM | **Unpinned npm dependency version**: Dependency `viem` is not pinned to an exact version (`^2.20.0`). Pin dependencies to exact versions to reduce drift and supply-chain risk. | Dependencies | skills/aqiljaafree/ghostbot-uniswap-v4hooks-testnet/scripts/package.json |
| LOW | **Node lockfile missing**: `package.json` is present but no lockfile was found (`package-lock.json`, `pnpm-lock.yaml`, or `yarn.lock`). Commit a lockfile for deterministic dependency resolution. | Dependencies | skills/aqiljaafree/ghostbot-uniswap-v4hooks-testnet/scripts/package.json |
| INFO | **Unpinned Dependency Version**: The `package.json` specifies the `viem` dependency using a caret (`^`) prefix, allowing minor and patch updates. While generally acceptable, for security-critical applications, pinning to exact versions (`viem: "2.20.0"`) can provide greater stability and prevent unexpected changes or vulnerabilities introduced in newer versions from being automatically pulled in. Consider pinning dependencies to exact versions to ensure deterministic builds and reduce the risk of unexpected changes from upstream packages. Regularly audit and update dependencies to incorporate security fixes. | LLM | scripts/package.json:5 |