Trust Assessment
soroban-trader received a trust score of 32/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 6 findings: 1 critical, 2 high, 1 medium, and 2 low severity. Key findings include Unsafe deserialization / dynamic eval, Unpinned npm dependency version, Node lockfile missing.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 68/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings6
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Fixed Salt in Key Derivation for Private Key Encryption The encryption mechanism for storing the private key uses a hardcoded string 'salt' as the salt for `crypto.scryptSync`. This fixed salt significantly weakens the security of the encrypted private key. If an attacker gains access to the `wallet.json` file, they can perform offline brute-force attacks or use precomputed tables (rainbow tables) against the password, as the salt is constant and known. This makes the stored private key highly vulnerable to compromise. Generate a unique, cryptographically secure random salt for each encryption operation. Store this salt alongside the encrypted data (e.g., as part of the `wallet.json` structure or prepended to the ciphertext). When decrypting, retrieve the stored salt and use it with the password to derive the key. This ensures that each encrypted private key is uniquely salted, preventing rainbow table attacks and significantly increasing the cost of brute-force attacks. | LLM | index.js:24 | |
| HIGH | Unsafe deserialization / dynamic eval Decryption followed by code execution Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/kaankacar/burhanclaw-soroban-trader/index.js:30 | |
| HIGH | Unsafe deserialization / dynamic eval Decryption followed by code execution Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/kaankacar/burhanclaw-soroban-trader/index.js:40 | |
| MEDIUM | Unpinned npm dependency version Dependency '@stellar/stellar-sdk' is not pinned to an exact version ('^14.5.0'). Pin dependencies to exact versions to reduce drift and supply-chain risk. | Dependencies | skills/kaankacar/burhanclaw-soroban-trader/package.json | |
| LOW | Node lockfile missing package.json is present but no lockfile was found (package-lock.json, pnpm-lock.yaml, or yarn.lock). Commit a lockfile for deterministic dependency resolution. | Dependencies | skills/kaankacar/burhanclaw-soroban-trader/package.json | |
| LOW | Caret Dependency for Critical Library The `package.json` specifies `@stellar/stellar-sdk` with a caret (`^`) dependency (`^14.5.0`). While common, this allows minor and patch updates to be automatically installed. If a vulnerability is introduced in a future `14.x.y` version, it could be pulled into the project without explicit review, posing a supply chain risk. For critical libraries handling financial transactions, exact version pinning is generally recommended. Pin the dependency to an exact version (e.g., `"@stellar/stellar-sdk": "14.5.0"`) to ensure deterministic builds and prevent unexpected updates. Alternatively, ensure a `package-lock.json` is committed and used consistently, and regularly review dependency updates for security advisories. | LLM | package.json:15 |
Scan History
Embed Code
[](https://skillshield.io/report/6eacaefba3a6415b)
Powered by SkillShield