Trust Assessment
warren-nft received a trust score of 69/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 6 findings: 0 critical, 1 high, 2 medium, and 2 low severity. Key findings include Unsafe deserialization / dynamic eval, Unpinned npm dependency version, Node lockfile missing.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings6
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Direct exposure and use of private key The skill explicitly instructs the user to provide a raw Ethereum private key as an environment variable (`PRIVATE_KEY=0x...`) for direct use by the `deploy-nft.js` script. While necessary for blockchain interactions, this method exposes a highly sensitive credential directly to the execution environment. If the AI agent or its execution environment is compromised, or if the user is socially engineered, this private key could be exfiltrated or misused, leading to loss of funds. This is a significant risk for an AI agent skill, as agents might be prompted to execute this with real credentials. Implement a more secure method for handling private keys, such as integration with a secure wallet provider (e.g., MetaMask, WalletConnect), hardware security modules (HSMs), or a dedicated key management service. Avoid direct exposure of raw private keys in environment variables, especially for AI agent interactions. If direct key access is unavoidable, ensure robust security measures are in place for the execution environment and provide clear warnings to the user about the risks. | LLM | SKILL.md:100 | |
| MEDIUM | Unsafe deserialization / dynamic eval Decryption followed by code execution Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/planetai87/warren-nft-mainnet/deploy-nft.js:94 | |
| MEDIUM | Unpinned npm dependency version Dependency 'ethers' is not pinned to an exact version ('^6.16.0'). Pin dependencies to exact versions to reduce drift and supply-chain risk. | Dependencies | skills/planetai87/warren-nft-mainnet/package.json | |
| LOW | Node lockfile missing package.json is present but no lockfile was found (package-lock.json, pnpm-lock.yaml, or yarn.lock). Commit a lockfile for deterministic dependency resolution. | Dependencies | skills/planetai87/warren-nft-mainnet/package.json | |
| LOW | External API call for collection registration The script defines `REGISTER_API` pointing to `https://thewarren.app/api/container-nfts`. This external API is likely used to register deployed NFT collections. While this is a common and often legitimate practice for web3 projects to provide management interfaces, without the full source code of `deploy-nft.js`, it's impossible to verify what specific data is sent to this endpoint. There is a potential, albeit low, risk of unintended data exfiltration if sensitive information beyond basic collection metadata were to be transmitted. Review the full implementation of the `REGISTER_API` call within `deploy-nft.js` to ensure that only necessary and non-sensitive collection metadata is transmitted to the external service. Clearly document what data is sent to this endpoint. | LLM | deploy-nft.js:22 | |
| INFO | Large, opaque smart contract bytecode The `deploy-nft.js` script contains very large hexadecimal strings (`PAGE_BYTECODE`, `NFT_BYTECODE`) representing pre-compiled smart contract bytecode. While deploying pre-compiled contracts is standard practice, the sheer volume and opaque nature of this bytecode make it extremely difficult for a human or automated tool to audit for embedded malicious logic. The security of the deployed contracts relies entirely on the integrity of this bytecode, which cannot be easily verified without access to the original source code and compilation process. Provide the Solidity source code for `PAGE_BYTECODE` and `NFT_BYTECODE`, along with verification instructions (e.g., compiler version, optimization settings) to allow for independent auditing and verification of the deployed contract logic. | LLM | deploy-nft.js:58 |
Scan History
Embed Code
[](https://skillshield.io/report/d58e530d74ccb934)
Powered by SkillShield