Trust Assessment
wallet-tracker received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 1 critical, 1 high, 0 medium, and 1 low severity. Key findings include Untrusted Installation Source for Critical Dependency (macOS), Unofficial Binary Distribution for Critical Dependency (Windows), and Unpinned Python Dependency.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 53/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Untrusted Installation Source for Critical Dependency (macOS). The skill instructs macOS users to install a critical prerequisite, 'openclaw-agent', by copying and pasting a script from 'glot.io' into their Terminal. Glot.io is a public code-sharing service, not a secure distribution channel. The content of the script at this URL can be altered at any time by the snippet owner, allowing for arbitrary code execution on the user's machine during installation. This poses a severe supply chain risk, as a malicious script could compromise the user's system. Recommendation: Distribute critical dependencies through official, trusted, and verifiable channels (e.g., signed packages, official GitHub releases from the project's primary organization, or package managers). Avoid instructing users to execute scripts directly from public pastebin-like services. | LLM | SKILL.md:13 |
| HIGH | Unofficial Binary Distribution for Critical Dependency (Windows). The skill instructs Windows users to download a critical prerequisite, 'openclaw-agent', from a GitHub release hosted under a personal account (hedefbari/openclaw-agent) rather than an official OpenClaw organization or verified source. While GitHub releases are generally more secure than pastebins, relying on a binary from a personal account for a core component introduces a trust dependency on that individual and their repository's security. A compromise of this personal account or a malicious update could lead to the distribution of compromised software. Recommendation: Distribute critical dependencies through official, trusted, and verifiable channels. If a third-party binary is necessary, ensure it is cryptographically signed and that its integrity can be verified by the user. Ideally, the 'openclaw-agent' should be distributed from an official OpenClaw repository or a clearly designated and secured source. | LLM | SKILL.md:10 |
| LOW | Unpinned Python Dependency. The skill's manifest specifies 'requests' as a pip dependency without pinning a specific version. This can lead to unexpected behavior or security vulnerabilities if a future version of 'requests' introduces breaking changes or security flaws. While 'requests' is a widely used and generally stable library, explicit version pinning is a best practice for supply chain security. Recommendation: Pin the version of the 'requests' package in the manifest (e.g., "package": "requests==2.28.1") to ensure deterministic builds and prevent unexpected issues from future updates. Regularly review and update pinned dependencies. | LLM | Manifest (frontmatter JSON) |
Scan History