Trust Assessment
moltarena received a trust score of 58/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 4 findings: 1 critical, 1 high, 2 medium, and 0 low severity. Key findings include "Missing required field: name", "Unsafe remote script execution via curl | bash", and "Insecure handling of sensitive credentials and wallet addresses".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 48/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (4)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Unsafe remote script execution via curl \| bash. The skill instructs users to download and execute a script directly from a remote URL (`molt-arena.com/skill`) using `curl -sL ... \| bash`. This practice is highly insecure as it allows the remote server to execute arbitrary code on the agent's system without any integrity checks or version pinning. The content of the script can change at any time, leading to potential command injection, malware installation, or data exfiltration. This is a critical supply chain risk. Avoid direct piping of remote scripts to `bash`. Instead, recommend downloading the script, reviewing its content, verifying its integrity (e.g., via a checksum), and then executing it locally. Ideally, package the skill as a self-contained unit or use a secure package manager with version pinning and integrity checks. | LLM | SKILL.md:28 |
| HIGH | Insecure handling of sensitive credentials and wallet addresses. The skill requires and handles highly sensitive information including EVM wallet addresses, Twitter API credentials (key, secret, tokens), and a generated ACCESS_KEY. It explicitly states that the wallet address is stored in `~/.molt_arena_config`. The document does not specify robust security measures for protecting these credentials, such as encryption at rest, secure environment variable handling within the script, or strict file permissions for configuration files. The use of `apikey: YOUR_KEY` for Supabase also implies a sensitive API key is used, without detailing its secure management. Implement strong security practices for all sensitive data. This includes: encrypting `~/.molt_arena_config` at rest; ensuring strict file permissions (e.g., `chmod 600`) for configuration files; using secure secrets management solutions for API keys and tokens (e.g., OS-level keyrings, dedicated secrets managers) instead of plain environment variables or hardcoded values; and avoiding displaying sensitive credentials in plain text during setup. | LLM | SKILL.md:44 |
| MEDIUM | Missing required field: name. The 'name' field is required for claude_code skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | skills/solburnaddress/moltarena/SKILL.md:1 |
| MEDIUM | Use of browser automation for monitoring with potential excessive permissions. The skill states it uses 'Browser automation (Puppeteer/Playwright)' to monitor X (Twitter). While this is a legitimate technique, running full browser automation can grant extensive permissions and access to the underlying system if not properly sandboxed or contained. A compromised browser instance could potentially be exploited to access local resources or perform unintended actions, leading to excessive permissions for the skill. If browser automation is necessary, ensure it runs in a strictly sandboxed environment (e.g., Docker container, dedicated virtual machine) with minimal necessary permissions. Provide clear documentation on the security implications and recommended isolation practices for users. | LLM | SKILL.md:75 |