Trust Assessment
lifi received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Potential Command Injection via unsanitized user input in shell commands.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Potential Command Injection via unsanitized user input in shell commands.** The skill's manifest declares a dependency on the `curl` and `jq` binaries, and the `SKILL.md` provides multiple examples of `curl` commands that incorporate user-provided values (e.g., `FROM_ADDRESS`, `FROM_CHAIN`, `TO_CHAIN`, `FROM_TOKEN`, `TO_TOKEN`, `FROM_AMOUNT`, `TX_HASH`, `CHAIN_ID`). If the skill implementation substitutes these user inputs directly into shell commands without proper sanitization (e.g., shell escaping), an attacker could inject arbitrary shell commands. This is a common vulnerability in skills that execute external binaries with user-controlled parameters. Ensure all user-provided inputs are strictly validated and properly shell-escaped before being used in `curl` or `jq` commands. For Python, `shlex.quote()` is recommended; for other languages, use an equivalent robust shell-escaping function. | LLM | SKILL.md:70 |
Powered by SkillShield