Trust Assessment
openindex-cli received a trust score of 82/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. Key findings include Private Key Exposure via Environment Variable or CLI Argument, Unpinned `npm` Dependency.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Private Key Exposure via Environment Variable or CLI Argument The skill explicitly instructs the user/agent to expose a private key by setting it as an environment variable (`export OPENINDEX_PRIVATE_KEY=0x...`) or by passing it directly as a command-line argument (`-k KEY`). For an AI agent, this practice is highly insecure as private keys in environment variables or command-line history/process lists can be easily logged, exfiltrated, or accessed by other processes, leading to compromise of associated crypto assets or identities. Avoid instructing the agent to store or pass private keys directly in environment variables or command-line arguments. Instead, recommend using secure secret management solutions (e.g., KMS, secure vaults, or prompting the user for the key at runtime if absolutely necessary) that do not expose the key in the agent's runtime environment. If the CLI tool supports it, use a configuration file with restricted permissions or an interactive prompt for sensitive credentials. This issue is also present on line 140 with the `-k` flag. | LLM | SKILL.md:36 | |
| MEDIUM | Unpinned `npm` Dependency The installation instruction `npm install -g @openindex/openindexcli` uses an unpinned dependency. This means that the skill will always install the latest version of the `@openindex/openindexcli` package. If a future version of this package is compromised or introduces malicious code, the agent executing this installation instruction would automatically pull the compromised version, leading to a supply chain attack. Pin the dependency to a specific version (e.g., `npm install -g @openindex/openindexcli@1.2.3`) to ensure deterministic and secure installations. Regularly review and update the pinned version after verifying its integrity. | LLM | SKILL.md:21 |
Scan History
Embed Code
[](https://skillshield.io/report/af741f2542ff223b)
Powered by SkillShield