Trust Assessment
web3-testing received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 1 critical, 1 high, 1 medium, and 0 low severity. Key findings include Skill demonstrates access to PRIVATE_KEY environment variable, Skill demonstrates access to various API keys and RPC URLs from environment variables, Skill demonstrates direct shell command execution.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 48/100, indicating areas for improvement.
Last analyzed on February 20, 2026 (commit e36d6fd3). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Skill demonstrates access to PRIVATE_KEY environment variable The skill's `hardhat.config.js` example explicitly shows how to access `process.env.PRIVATE_KEY`. If the AI agent executes this configuration, it will load a highly sensitive private key from its environment, which could be used for unauthorized transactions or exfiltrated if not handled securely by the agent's execution environment. Avoid direct access to `PRIVATE_KEY` in skill examples. If necessary, emphasize extreme caution, secure storage, and ephemeral use. Recommend using hardware wallets or secure key management services where possible, and never exposing private keys directly to the agent's memory or logs. | LLM | SKILL.md:40 | |
| HIGH | Skill demonstrates access to various API keys and RPC URLs from environment variables The `hardhat.config.js` example shows access to `process.env.MAINNET_RPC_URL`, `process.env.GOERLI_RPC_URL`, `process.env.COINMARKETCAP_API_KEY`, and `process.env.ETHERSCAN_API_KEY`. These environment variables often contain sensitive API keys or RPC endpoints that could be used for unauthorized access, rate limit abuse, or data exfiltration if exposed or misused by the AI agent. Advise against directly exposing API keys and RPC URLs in skill examples. If necessary, instruct the agent to use secure methods for accessing and managing these credentials, such as dedicated secrets management services, and to ensure they are not logged or stored insecurely. | LLM | SKILL.md:34 | |
| MEDIUM | Skill demonstrates direct shell command execution The skill provides examples of executing shell commands such as `npx hardhat coverage`, `npm install`, and `npx hardhat test` (lines 263, 277-280). While the examples themselves are benign, the demonstration of direct shell command execution introduces a risk of command injection if the AI agent constructs these commands using untrusted or unsanitized user input. When providing examples of shell command execution, include explicit warnings about sanitizing any user-provided input before incorporating it into shell commands. Recommend using libraries or methods that safely escape or validate command arguments. | LLM | SKILL.md:263 |
Scan History
Embed Code
[](https://skillshield.io/report/31dcf30a016ac65f)
Powered by SkillShield