Trust Assessment
usd1 received a trust score of 58/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 1 critical, 0 high, 2 medium, and 0 low severity. Key findings include "Missing required field: name", "Unpinned npm dependency version", and "Direct Private Key Input for Transaction Signing".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | **Direct Private Key Input for Transaction Signing.** The skill requires the user's raw private key as a direct input parameter (`privateKey`) to perform a transaction. This is an extremely high-risk practice in an AI agent context. Exposing a private key directly to an LLM skill can lead to its compromise through logging, insecure storage, or accidental exposure in conversation. While the `SKILL.md` advises 'Use secure agent input for keys', the skill's design itself forces the agent to handle this sensitive credential directly, creating a critical vulnerability. Modify the skill to avoid direct handling of raw private keys. Instead, consider alternative secure methods such as: 1. **Transaction Signing Service:** The skill generates an unsigned transaction, which the agent then passes to a separate, secure signing service (e.g., a hardware wallet, a secure enclave, or a dedicated signing microservice) that never exposes the private key to the LLM or the skill. 2. **Pre-signed Transactions:** If applicable, accept a pre-signed transaction from the agent. 3. **Key Management System (KMS) Integration:** Integrate with a robust KMS that can authorize and sign transactions without revealing the private key to the skill's runtime environment. Directly passing private keys to an LLM skill is fundamentally insecure and should be avoided. | LLM | index.js:4 |
| MEDIUM | **Missing required field: name.** The 'name' field is required for claude_code skills but is missing from the frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | skills/asgherali/usd1/SKILL.md:1 |
| MEDIUM | **Unpinned npm dependency version.** Dependency '@wormhole-foundation/sdk' is not pinned to an exact version ('^4.9.1'). Pin dependencies to exact versions to reduce drift and supply-chain risk. | Dependencies | skills/asgherali/usd1/package.json |