Trust Assessment
the-flip received a trust score of 70/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 4 findings: 0 critical, 1 high, 2 medium, and 1 low severity. Key findings include "Sensitive environment variable access: $HOME", "Unpinned npm dependency version", and "User-controlled file path for sensitive data loading".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (4)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | User-controlled file path for sensitive data loading. The `app/demo.mjs` script's `loadWallet` function takes a `keyPath` argument, which is directly derived from user input (`process.argv[4]`). This allows an attacker to specify an arbitrary file path. The script then reads the content of this file using `fs.readFileSync`. While the script attempts to parse it as JSON for a `Keypair`, the act of reading an arbitrary file constitutes a data exfiltration vulnerability. An attacker could potentially read sensitive files (e.g., private keys, `/etc/passwd`, environment variables, other configuration files) if they can control the `keyPath` argument. Recommendation: avoid directly reading sensitive files based on unvalidated user-provided paths. If a file path must be provided, implement strict validation (e.g., restrict to a specific directory, sanitize input, or use a file picker/secure credential store provided by the agent environment). For private keys, prefer using environment variables, secure prompts, or an agent's built-in credential management system instead of file paths. | LLM | app/demo.mjs:38 |
| MEDIUM | Sensitive environment variable access: $HOME. Access to sensitive environment variable '$HOME' detected in shell context. Verify this environment variable access is necessary and the value is not exfiltrated. | Static | skills/maurodelazeri/the-flip/SKILL.md:97 |
| MEDIUM | Unpinned npm dependency version. Dependency '@coral-xyz/anchor' is not pinned to an exact version ('^0.30.1'). Pin dependencies to exact versions to reduce drift and supply-chain risk. | Dependencies | skills/maurodelazeri/the-flip/package.json |
| LOW | Unpinned minor/patch dependencies in package.json. The `package.json` file uses caret (`^`) ranges for its dependencies (e.g., `@coral-xyz/anchor: "^0.30.1"`). This allows automatic updates to new minor and patch versions. While `package-lock.json` pins exact versions, a fresh `npm install` or `npm update` could pull in new versions that might contain vulnerabilities or breaking changes not present in the originally tested versions. For critical applications, tighter pinning (tilde `~` ranges or fixed versions) is generally preferred to ensure deterministic builds and reduce the risk of unexpected changes from upstream dependencies. Recommendation: consider using exact version pinning (e.g., `0.30.1`) or tilde ranges (e.g., `~0.30.1`) for dependencies to ensure greater control over the versions used in production and reduce the risk of unexpected changes from upstream packages. Regularly audit dependencies for known vulnerabilities. | LLM | package.json:9 |