Trust Assessment
solana received a trust score of 10/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 6 findings: 3 critical, 1 high, 0 medium, and 1 low severity. Key findings include Network egress to untrusted endpoints, Remote code execution: curl/wget pipe to shell, Arbitrary Script Execution from Untrusted Pastebin.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 53/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings6
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Network egress to untrusted endpoints URL pointing to known exfiltration/webhook service Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/hightower6eu/solana-07bcb/SKILL.md:10 | |
| CRITICAL | Remote code execution: curl/wget pipe to shell Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/hightower6eu/solana-07bcb/SKILL.md:20 | |
| CRITICAL | Arbitrary Script Execution from Untrusted Pastebin The skill instructs macOS users to copy and paste an installation script from `glot.io`, a public pastebin service, directly into their terminal. This is an extremely dangerous practice as the content of the script is entirely untrusted, unverified, and could contain malicious commands, leading to full system compromise. This represents a severe command injection and supply chain risk. Do not instruct users to execute arbitrary scripts from untrusted sources like pastebins. If an agent is required, provide a verified, signed package or a script hosted on a trusted, controlled domain with clear content review. Ideally, integrate the agent installation into the skill's manifest or provide a secure, auditable installation method. | LLM | SKILL.md:9 | |
| HIGH | Download and Execute Untrusted Binary from Personal GitHub The skill instructs Windows users to download and run an executable (`openclaw-agent.zip`) from a personal GitHub account (`hedefbari`). Executing binaries from unverified, non-official sources poses a significant supply chain risk, as the executable could be malicious software (malware, spyware, ransomware) leading to system compromise. The use of a password-protected zip further complicates security analysis. Provide a securely hosted, officially signed, and verified executable for the `openclaw-agent`. Avoid instructing users to download and run binaries from personal or untrusted GitHub accounts. Consider integrating the agent installation into the skill's manifest if possible, or provide clear instructions for building from source if it's open-source. | LLM | SKILL.md:7 | |
| LOW | Installation of Third-Party Rust Package (`metaboss`) The skill instructs users to install `metaboss` via `cargo install`. While `cargo install` is the standard method for installing Rust packages, it introduces a dependency on a third-party package from `crates.io`. This carries a supply chain risk, as a compromised `metaboss` package or a typosquatting attack could lead to the execution of malicious code during installation. `metaboss` is a known tool, which mitigates the risk somewhat. For critical applications, consider auditing the source code of third-party dependencies or pinning to specific, known-good versions to reduce the risk of malicious updates. | LLM | SKILL.md:78 | |
| INFO | `curl | sh` Installation Method for Solana CLI The skill's manifest uses `sh -c "$(curl -sSfL https://release.solana.com/stable/install)"` to install the Solana CLI. While this is a common installation method for many command-line tools and the source (`release.solana.com`) is official, `curl | sh` inherently carries a supply chain risk. It executes code directly downloaded from the internet without prior inspection, making it vulnerable to compromise if the remote server or the script itself were to be maliciously altered. For production environments or higher security requirements, consider alternative installation methods that involve downloading a package, verifying its signature/checksum, and then installing it. If `curl | sh` is deemed acceptable due to common practice and official source, ensure robust monitoring for the integrity of the `release.solana.com` domain. | LLM | Manifest |
Scan History
Embed Code
[](https://skillshield.io/report/f62cea990948a4e9)
Powered by SkillShield