Trust Assessment
molt-registry received a trust score of 69/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 5 findings: 0 critical, 1 high, 2 medium, and 2 low severity. Key findings include Unpinned npm dependency version, Node lockfile missing, Skill accesses private key from environment variables.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings5
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Skill accesses private key from environment variables The skill's `getWallet` function explicitly retrieves a blockchain private key (`WALLET_PRIVATE_KEY` or `DEPLOYER_PRIVATE_KEY`) from environment variables. This credential is used to sign transactions for the `register` and `rate` functions. While necessary for the skill's functionality, the direct access to a private key makes the skill a high-value target for attackers if the execution environment is compromised. An attacker gaining control of the skill's process could potentially exfiltrate this private key. Consider using a more secure method for handling private keys, such as a dedicated key management service (KMS), hardware security module (HSM), or a secure vault, rather than directly exposing it as an environment variable to the skill's runtime. If environment variables are unavoidable, ensure the runtime environment is highly secured and isolated. Implement strict access controls and monitoring for the environment where this skill runs. | LLM | index.js:29 | |
| MEDIUM | Unpinned npm dependency version Dependency 'ethers' is not pinned to an exact version ('^6.10.0'). Pin dependencies to exact versions to reduce drift and supply-chain risk. | Dependencies | skills/drjmz/moltbook-registry/package.json | |
| MEDIUM | Skill performs state-changing blockchain transactions with private key The `register` and `rate` functions within the skill perform write operations on the blockchain, specifically calling `contract.registerAgent` and `contract.logReputation`. These actions require a private key (accessed via `WALLET_PRIVATE_KEY`) and involve sending Ether (ETH) as a registration/logging fee. This grants the skill significant control over the associated blockchain wallet and its on-chain identity/funds. While this is the intended functionality, it represents a high-privilege operation. Ensure that the AI agent invoking this skill has a clear understanding of the financial and identity implications of these transactions. Implement robust user confirmation steps before executing `register` or `rate` to prevent unintended or malicious use. Consider implementing spending limits or multi-signature requirements for the wallet associated with the private key. | LLM | index.js:120 | |
| LOW | Node lockfile missing package.json is present but no lockfile was found (package-lock.json, pnpm-lock.yaml, or yarn.lock). Commit a lockfile for deterministic dependency resolution. | Dependencies | skills/drjmz/moltbook-registry/package.json | |
| LOW | Unpinned dependencies in package.json The `package.json` file specifies dependencies (`ethers`, `dotenv`) using caret (`^`) ranges, e.g., `"ethers": "^6.10.0"`. This allows for automatic updates to minor and patch versions. While common, this practice introduces a supply chain risk where a malicious update to a dependency could be automatically pulled into the project without explicit review, potentially introducing vulnerabilities or backdoors. Pin all dependencies to exact versions (e.g., `"ethers": "6.10.0"`) to ensure deterministic builds and prevent unexpected changes from upstream packages. Use a dependency lock file (like `package-lock.json` or `yarn.lock`) and regularly audit dependencies for known vulnerabilities. | LLM | package.json:5 |
Scan History
Embed Code
[](https://skillshield.io/report/fe652bd60f15eaa9)
Powered by SkillShield