Trust Assessment
x-finder-teneo received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 4 findings: 1 critical, 2 high, 1 medium, and 0 low severity. Key findings include Unpinned dependencies in installation instructions, Critical reliance on external SDK for crypto wallet authentication and transactions, Core functionality relies on unverified external WebSocket service.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 33/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings4
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Critical reliance on external SDK for crypto wallet authentication and transactions The skill explicitly requires 'wallet authentication to sign USDC transactions on-chain' and relies entirely on the `@teneo-protocol/sdk` for this functionality. If the SDK is compromised, malicious, or contains vulnerabilities, it could lead to unauthorized signing of transactions, credential harvesting (e.g., private keys, seed phrases if not handled securely by the wallet provider), or draining of user funds. While the skill claims credentials are not transmitted, this is a trust-based assertion that cannot be verified from the provided context and represents a significant attack surface. Implement robust security audits of the `@teneo-protocol/sdk` source code. Ensure the SDK uses secure practices for interacting with wallets (e.g., EIP-1193 compliant providers, secure key management, minimal permissions). Clearly document the exact permissions requested from the wallet and the security measures in place to protect user funds and credentials. Consider using hardware wallets or multi-signature schemes for enhanced security. | LLM | SKILL.md:12 | |
| HIGH | Unpinned dependencies in installation instructions The `npm install` command specifies `@teneo-protocol/sdk` and `dotenv` without version pinning. This can lead to non-deterministic builds, introduce breaking changes, or pull in malicious updates if a dependency is compromised, posing a significant supply chain risk. An attacker could publish a malicious version of one of these packages, and a skill installation would automatically pull it in. Pin all dependencies to specific versions (e.g., `npm install @teneo-protocol/sdk@1.2.3 dotenv@4.5.6`) or use a lock file (e.g., `package-lock.json`) to ensure deterministic installations and prevent unexpected updates. | LLM | SKILL.md:57 | |
| HIGH | Core functionality relies on unverified external WebSocket service The skill establishes a WebSocket connection to `wss://backend.developer.chatroom.teneo-protocol.ai/ws` for its core operations. This external service is a central point of trust. A compromised or malicious backend could exfiltrate any data processed by the skill (including potentially sensitive information gathered from 'social media, websites, and other data sources') or inject malicious commands into the agent's execution flow, leading to command injection or further compromise. Provide clear documentation on the security posture of the `teneo-protocol.ai` backend, including audit reports, data handling policies, and incident response plans. Implement strong authentication and encryption for WebSocket communication. Consider allowing users to configure trusted endpoints or providing a self-hosted option for critical deployments. | LLM | SKILL.md:63 | |
| MEDIUM | Skill description implies broad access to potentially sensitive data sources The skill is described as being able to 'search social media, websites, and other data sources to provide relevant, up-to-date content and answers to specific queries.' This broad scope suggests the skill may handle a wide variety of data, some of which could be personally identifiable information (PII) or other sensitive data. Without clear data handling policies, anonymization strategies, and explicit user consent mechanisms, there's a risk of unintended data exfiltration or misuse, especially given the external WebSocket connection. Clearly define the types of data the skill accesses, processes, and stores. Implement strict data minimization principles. Provide explicit consent mechanisms for users regarding data collection and usage. Detail data retention policies and anonymization techniques. | LLM | SKILL.md:34 |
Scan History
Embed Code
[](https://skillshield.io/report/f1adc0e28f5ef608)
Powered by SkillShield