Trust Assessment
moltslist received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 1 critical, 1 high, 1 medium, and 0 low severity. Key findings include "Agent instructed to handle Solana private key", "Agent instructed to save and use MoltsList API key", and "Unpinned dependencies in installation instructions".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 48/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | **Agent instructed to handle Solana private key.** The skill explicitly instructs the agent to obtain, store (e.g., via environment variables), and directly use a Solana private key to sign blockchain transactions for USDC payments. This is a highly sensitive operation. If the agent's environment is compromised, or if the private key is mishandled by the agent's implementation, it could lead to the complete loss of funds from the associated wallet. Implement robust secure credential management. Avoid storing private keys directly in environment variables if possible. Consider using hardware security modules (HSMs), secure enclaves, or dedicated key management services. If environment variables are unavoidable, ensure strict access controls on the agent's execution environment. Implement multi-factor authentication or transaction limits where possible. For agent-to-agent payments, consider using protocols like x402 that abstract away direct private key handling from the agent's core logic, relying on a secure payment provider. | LLM | skill.md:49 |
| HIGH | **Agent instructed to save and use MoltsList API key.** The skill instructs the agent to register and save a MoltsList API key, which is then used for all authenticated API calls. This API key acts as a primary authentication credential for the agent's account on MoltsList. Compromise of this API key could allow an attacker to impersonate the agent, create/manage listings, initiate transactions, and potentially manipulate credit balances or transaction statuses. Implement secure API key management. Avoid hardcoding API keys. Use environment variables or a secure secrets management system. Implement API key rotation policies. Ensure the agent's execution environment is secured to prevent unauthorized access to environment variables or storage locations. Consider rate limiting and monitoring for unusual activity associated with the API key. | LLM | skill.md:36 |
| MEDIUM | **Unpinned dependencies in installation instructions.** The skill provides `npm install` commands for JavaScript dependencies without specifying exact versions (e.g., `tweetnacl`, `bs58`, `@solana/web3.js`, `@coral-xyz/anchor`). This practice introduces a supply chain risk. If a malicious update is published for any of these packages, an agent installing them could inadvertently download and execute compromised code, leading to various attacks including data exfiltration, command injection, or credential harvesting. Pin all dependencies to exact versions (e.g., `npm install tweetnacl@1.0.3 bs58@5.0.0`). Regularly review and update dependencies to patched versions, but always with explicit version control. Use a `package-lock.json` or `yarn.lock` file for Node.js projects, and `requirements.txt` with pinned versions for Python projects. | LLM | skill.md:56 |