Security Audit

jb-nft-gallery-ui

github.com/openclaw/skills

AI SkillCommit 13146e6a3d46

CAUTION

Scanned 3 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

jb-nft-gallery-ui received a trust score of 57/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.

SkillShield's automated analysis identified 7 findings: 0 critical, 2 high, 0 medium, and 5 low severity. Key findings include Covert behavior / concealment directives, Cross-Site Scripting (XSS) via unvalidated NFT metadata, Unpinned external JavaScript dependencies.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

90%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

70%

Behavioral Risk Signals

Network Access

2 findings

Shell Execution

2 findings

Security Findings7

Severity	Finding	Layer	Location
HIGH	Cross-Site Scripting (XSS) via unvalidated NFT metadata The skill constructs HTML elements and JavaScript event handlers using unvalidated data fetched from NFT metadata (`tokenURI` or `resolvedUri`). Specifically, the `onclick` attribute for NFT cards (line 304) directly interpolates `tier.resolvedUri`, `tier.name`, `tier.description`, and `tier.image` into a JavaScript string literal. If an attacker controls the NFT contract, they can provide malicious metadata containing single quotes or other JavaScript syntax, breaking out of the string and executing arbitrary JavaScript. Furthermore, the modal's content (e.g., `modalImage.innerHTML`, `modalAttributes.innerHTML`) is likely populated with similar untrusted metadata, creating additional XSS vectors if not properly sanitized. This allows an attacker to execute arbitrary code in the user's browser, potentially leading to session hijacking, data theft, or other client-side attacks. All untrusted data, especially strings intended for HTML attributes or `innerHTML`, must be properly sanitized or escaped. For `onclick` attributes, avoid direct string interpolation of untrusted values. Instead, pass only primitive types or use event listeners attached via JavaScript after DOM creation. For displaying text, prefer `textContent` over `innerHTML`. If rich HTML content is required, use a robust HTML sanitization library.	LLM	SKILL.md:304
HIGH	Unpinned external JavaScript dependencies The skill imports JavaScript modules from `https://esm.sh/viem` and `https://esm.sh/viem/chains` without specifying a version. This means that any future update to these libraries, or a compromise of the `esm.sh` CDN, could silently introduce malicious code into the skill. This poses a significant supply chain risk, as an attacker could potentially execute arbitrary code in the user's browser. Pin all external dependencies to specific, immutable versions. For `esm.sh`, this can typically be done by appending `@<version>` to the package name (e.g., `https://esm.sh/viem@1.x.x`). Regularly review and update these pinned versions.	LLM	SKILL.md:199
LOW	Covert behavior / concealment directives CSS-based text hiding Remove hidden instructions, zero-width characters, and bidirectional overrides. Skill instructions should be fully visible and transparent to users.	Manifest	skills/mejango/juicy/jb-nft-gallery-ui/SKILL.md:91
LOW	Covert behavior / concealment directives CSS-based text hiding Remove hidden instructions, zero-width characters, and bidirectional overrides. Skill instructions should be fully visible and transparent to users.	Manifest	skills/mejango/juicy/jb-nft-gallery-ui/SKILL.md:131
LOW	Covert behavior / concealment directives CSS-based text hiding Remove hidden instructions, zero-width characters, and bidirectional overrides. Skill instructions should be fully visible and transparent to users.	Manifest	skills/mejango/juicy/jb-nft-gallery-ui/SKILL.md:141
LOW	Covert behavior / concealment directives CSS-based text hiding Remove hidden instructions, zero-width characters, and bidirectional overrides. Skill instructions should be fully visible and transparent to users.	Manifest	skills/mejango/juicy/jb-nft-gallery-ui/SKILL.md:160
LOW	Covert behavior / concealment directives CSS-based text hiding Remove hidden instructions, zero-width characters, and bidirectional overrides. Skill instructions should be fully visible and transparent to users.	Manifest	skills/mejango/juicy/jb-nft-gallery-ui/SKILL.md:167

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/38c67fd27d5b2599.svg)](https://skillshield.io/report/38c67fd27d5b2599)