Trust Assessment
warren-nft received a trust score of 58/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 7 findings: 2 critical, 2 high, 3 medium, and 0 low severity. Key findings include Unsafe deserialization / dynamic eval, Unpinned Dependency in Setup Script, Direct Use of Blockchain Private Key from Environment Variable.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 0/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (7)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | **Direct Use of Blockchain Private Key from Environment Variable.** The `deploy-nft.js` script directly reads a blockchain private key from the `PRIVATE_KEY` environment variable. This private key is then used to instantiate an `ethers.Wallet`, which can sign transactions and spend funds. While the skill expects the user to provide this, any compromise of the skill's execution environment or the skill itself could lead to the private key being misused, resulting in irreversible loss of assets. *Recommendation:* Avoid handling raw private keys directly in scripts. Use more secure methods for transaction signing, such as hardware wallet integrations, secure key management services, or prompting for the key securely without storing it in environment variables or command history. If environment variables are unavoidable, emphasize extreme caution and suggest using temporary, single-use keys or keys with limited permissions. | LLM | deploy-nft.js:17 |
| CRITICAL | **Deployment of Opaque Smart Contract Bytecode.** The `deploy-nft.js` script contains hardcoded, truncated smart contract bytecodes (`PAGE_BYTECODE`, `NFT_BYTECODE`) that are deployed to the blockchain. These bytecodes represent the core logic of the NFT contracts. Without access to the full, verifiable source code and a clear compilation process, these bytecodes are opaque and cannot be audited for vulnerabilities or malicious functionality by the user or the analyzer. Deploying unaudited bytecode carries significant risk, as it could contain backdoors, vulnerabilities, or unexpected behaviors that could lead to loss of funds or control over the NFT collection. *Recommendation:* Provide the full, verifiable source code for the smart contracts. Users should compile the contracts themselves from trusted source code or verify the deployed bytecode against known, audited source code. This ensures transparency and allows for security audits. | LLM | deploy-nft.js:76 |
| HIGH | **Unpinned Dependency in Setup Script.** The `setup.sh` script installs the `ethers` package without specifying a version. This is an unpinned dependency, which creates a supply chain risk. If a malicious version of `ethers` were published to the npm registry, it could be installed and executed, potentially compromising the user's system or credentials. *Recommendation:* Pin the `ethers` dependency to a specific, known-good version (e.g., `npm install ethers@5.7.2` or `ethers@6.x.x`) to ensure consistent and secure installations. | LLM | setup.sh:4 |
| HIGH | **Incomplete Code Provided for Analysis.** The provided `deploy-nft.js` file is significantly truncated, with a large portion (57,886 characters) missing. This prevents a comprehensive security review, as critical vulnerabilities such as command injection, further data exfiltration vectors, or credential harvesting mechanisms could be present in the unanalyzed sections of the code. Without the full code, it is impossible to guarantee the absence of malicious or insecure practices. *Recommendation:* Provide the complete and untruncated source code for `deploy-nft.js` to enable a thorough and accurate security analysis. | LLM | deploy-nft.js:79 |
| MEDIUM | **Unsafe deserialization / dynamic eval.** Decryption followed by code execution. *Recommendation:* Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/planetai87/warren-nft/deploy-nft.js:92 |
| MEDIUM | **Arbitrary File System Read Access.** The `deploy-nft.js` script uses the Node.js `fs` module to read files from a user-specified `--images-folder`. While intended for image files, this capability allows the script to read arbitrary files on the local filesystem if the `--images-folder` argument is manipulated (e.g., via path traversal attacks like `../../../../etc/passwd`). This could lead to data exfiltration of sensitive local files. *Recommendation:* Implement strict validation and sanitization of the `--images-folder` path to prevent path traversal. Ensure the path points only to expected image directories and does not allow access to sensitive system locations. Consider sandboxing the execution environment to limit filesystem access. | LLM | deploy-nft.js:10 |
| MEDIUM | **External API Call for Data Registration.** The `deploy-nft.js` script makes an HTTP POST request to an external API endpoint (`https://megawarren.xyz/api/container-nfts` or a user-defined `REGISTER_API`) to register the deployed NFT collection. This API call sends metadata about the collection. While part of the skill's intended functionality, it introduces an external network dependency. If the API endpoint were compromised or malicious, it could collect sensitive information or be used as a vector for data exfiltration if combined with other vulnerabilities. *Recommendation:* Clearly document what data is sent to this external API, since users should be aware of the data sharing implications. Ensure the API endpoint is trusted and secured. Provide an option for users to disable this registration step if they prefer not to send data to an external service. | LLM | deploy-nft.js:23 |