Trust Assessment
NadMail received a trust score of 42/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 9 findings: 0 critical, 0 high, 8 medium, and 1 low severity. Key findings include Unsafe deserialization / dynamic eval, Potential hardcoded secret (high entropy), Sensitive environment variable access: $HOME.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The Manifest Analysis layer scored lowest at 65/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings9
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Unsafe deserialization / dynamic eval Decryption followed by code execution Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/daaab/nadmail/scripts/crypto-utils.js:3 | |
| MEDIUM | Unsafe deserialization / dynamic eval Decryption followed by code execution Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/daaab/nadmail/scripts/send.js:157 | |
| MEDIUM | Unsafe deserialization / dynamic eval Decryption followed by code execution Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/daaab/nadmail/scripts/setup.js:10 | |
| MEDIUM | Unsafe deserialization / dynamic eval Decryption followed by code execution Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/daaab/nadmail/scripts/setup.js:72 | |
| MEDIUM | Unsafe deserialization / dynamic eval Decryption followed by code execution Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/daaab/nadmail/scripts/setup.js:111 | |
| MEDIUM | Potential hardcoded secret (high entropy) A high-entropy string (entropy=4.57) was found in a credential-like context. Verify this is not a hardcoded secret. Use environment variables for sensitive values. | Static | skills/daaab/nadmail/scripts/register.js:124 | |
| MEDIUM | Sensitive environment variable access: $HOME Access to sensitive environment variable '$HOME' detected in shell context. Verify this environment variable access is necessary and the value is not exfiltrated. | Static | skills/daaab/nadmail/SKILL.md:76 | |
| MEDIUM | Unpinned npm dependency version Dependency 'ethers' is not pinned to an exact version ('^6.16.0'). Pin dependencies to exact versions to reduce drift and supply-chain risk. | Dependencies | skills/daaab/nadmail/package.json | |
| LOW | Unpinned Ethers.js Dependency in package.json The `ethers` dependency in `package.json` uses a caret (`^`) version range (`^6.16.0`). While `package-lock.json` pins the exact version, allowing minor version updates in `package.json` can introduce unexpected changes or vulnerabilities if the `package-lock.json` is not strictly honored (e.g., in environments that regenerate lock files or use `--no-package-lock`). For security-critical components like a cryptocurrency library, it is best practice to pin dependencies to exact versions to ensure deterministic builds and prevent supply chain attacks through malicious updates to minor or patch versions. Pin the `ethers` dependency to an exact version in `package.json` (e.g., `"ethers": "6.16.0"`). After updating, run `npm install` to update `package-lock.json` accordingly. | LLM | package.json:10 |
Scan History
Embed Code
[](https://skillshield.io/report/ae4b13ddb0e09d65)
Powered by SkillShield