Trust Assessment
setup-local-testnet received a trust score of 10/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 7 findings: 6 critical, 1 high, 0 medium, and 0 low severity. Key findings include Network egress to untrusted endpoints, Arbitrary command execution, Remote code execution: curl/wget pipe to shell.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The Manifest Analysis layer scored lowest at 0/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (7)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Network egress to untrusted endpoints: HTTP request to raw IP address. Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/wpank/setup-local-testnet/SKILL.md:79 |
| CRITICAL | Network egress to untrusted endpoints: HTTP request to raw IP address. Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/wpank/setup-local-testnet/SKILL.md:120 |
| CRITICAL | Arbitrary command execution: remote code download piped to interpreter. Review all shell execution calls. Ensure commands are static (not built from user input), use absolute paths, and are strictly necessary. Prefer library APIs over shell commands. | Manifest | skills/wpank/setup-local-testnet/SKILL.md:52 |
| CRITICAL | Arbitrary command execution: remote code download piped to interpreter. Review all shell execution calls. Ensure commands are static (not built from user input), use absolute paths, and are strictly necessary. Prefer library APIs over shell commands. | Manifest | skills/wpank/setup-local-testnet/SKILL.md:136 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/wpank/setup-local-testnet/SKILL.md:52 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/wpank/setup-local-testnet/SKILL.md:136 |
| HIGH | Untrusted script execution recommended. The skill's documentation recommends installing a critical dependency (Anvil/Foundry) by piping a script directly from a URL to a shell (`curl -L <URL> \| bash`). This practice is a significant supply chain risk: it executes code from an untrusted source without prior inspection or verification, potentially introducing malware or vulnerabilities into the user's environment. Although this is an instruction to the user, it is part of the skill's recommended setup and thus poses a risk to the integrity of the environment where the skill operates. Advise users to install dependencies through trusted package managers (e.g., `apt`, `brew`, `npm`, `pip`) or by downloading and verifying official binaries/installers. If a script must be used, recommend downloading it first, reviewing its contents, and then executing it locally (e.g., `curl -L https://foundry.paradigm.xyz -o install.sh && less install.sh && bash install.sh`). | LLM | SKILL.md:51 |
Full report: https://skillshield.io/report/e6da8244282f6c19
Powered by SkillShield