{ "trust": { "tier": "Dangerous", "emoji": "๐Ÿ”ด", "description": "Multiple critical issues โ€” do not install without thorough manual review", "score": 20 }, "format": "skill", "skill": { "name": "ethereum-read-only", "description": "Foundry castใ‚’ไฝฟ็”จใ—ใŸใ‚ฆใ‚ฉใƒฌใƒƒใƒˆไธ่ฆใฎใ‚ชใƒณใƒใ‚งใƒผใƒณ็Šถๆ…‹่ชญใฟๅ–ใ‚Š", "version": "1.0.0", "slug": "ethereum-read-only" }, "scores": { "security": 0, "transparency": 7, "maintenance": 9, "overall": 2 }, "permissions": { "summary": "No declared permissions โ€” minimal attack surface.", "environmentVariables": [], "binaries": [], "envVarCount": 0, "requiredBinCount": 0 }, "compoundThreats": [ { "id": "credential_theft", "severity": "high", "description": "Accesses credentials AND sends data externally โ€” potential credential theft", "capabilities": [ "credential_access", "network_out" ], "owasp": [ "LLM02" ], "owaspAsi": [ "ASI03" ] }, { "id": "credential_obfuscation", "severity": "high", "description": "Accesses credentials AND encodes data โ€” may obfuscate stolen credentials", "capabilities": [ "credential_access", "data_encoding" ], "owasp": [ "LLM02" ], "owaspAsi": [ "ASI03", "ASI04" ] }, { "id": "remote_code_execution", "severity": "critical", "description": "Fetches from network AND uses eval/Function โ€” can execute remote code", "capabilities": [ "network_out", "dynamic_eval" ], "owasp": [ "LLM05", "LLM06" ], "owaspAsi": [ "ASI05" ] }, { "id": "obfuscated_execution", "severity": "critical", "description": "Encodes data AND uses eval โ€” classic obfuscated code execution (atob + eval)", "capabilities": [ "data_encoding", "dynamic_eval" ], "owasp": [ "LLM05" ], "owaspAsi": [ "ASI05", "ASI10" ] } ], "permissionIntegrity": [ { "type": "undeclared_capability", "severity": "high", "description": "Makes network requests but does not declare curl/wget in required binaries", "declared": [], "actual": "network_out", "owasp": [ "LLM06" ], "owaspAsi": [ "ASI02" ] }, { "type": "undeclared_capability", "severity": "high", "description": "Code accesses API keys/tokens but declares no environment variables", "actual": "credential_access", "owasp": [ "LLM06" ], "owaspAsi": [ "ASI02" ] } ], "capabilities": [ "network_out", "credential_access", "dynamic_eval", "data_encoding" ], "findings": [ { "severity": "critical", "category": "shell_injection", "description": "Pipe-to-shell pattern (curl | sh) โ€” supply chain attack vector", "zone": "code", "zoneContext": "instruction", "file": "SKILL.md", "downgraded": false, "sample": "curl -L https://foundry.paradigm.xyz | bash", "owasp": [ "LLM05", "LLM06" ], "owaspAsi": [ "ASI02", "ASI05" ], "confidence": "pattern" }, { "severity": "critical", "category": "shell_injection", "description": "Pipe to bash โ€” executes piped content as shell commands", "zone": "code", "zoneContext": "instruction", "file": "SKILL.md", "downgraded": false, "sample": "| bash", "owasp": [ "LLM05", "LLM06" ], "owaspAsi": [ "ASI02", "ASI05" ], "confidence": "pattern" }, { "severity": "critical", "category": "obfuscation", "description": "Unicode homoglyph detected โ€” uses lookalike characters to evade pattern matching", "zone": "code", "zoneContext": "instruction", "file": "SKILL.md", "downgraded": false, "sample": "", "owasp": [ "LLM01", "LLM03" ], "owaspAsi": [ "ASI04", "ASI10" ], "confidence": "pattern" }, { "severity": "high", "category": "filesystem", "description": "Accesses shell history/config", "zone": "code", "zoneContext": "instruction", "file": "SKILL.md", "downgraded": false, "sample": "~/.zshrc", "owasp": [ "LLM06" ], "owaspAsi": [ "ASI02" ], "confidence": "pattern" } ], "summary": { "total": 4, "critical": 3, "high": 1, "medium": 0, "low": 0, "compoundThreats": 4, "integrityIssues": 2 }, "trustSignals": { "positive": [ { "signal": "versioned", "positive": true, "detail": "Version 1.0.0" }, { "signal": "described", "positive": true, "detail": "Has meaningful description" }, { "signal": "documented", "positive": true, "detail": "SKILL.md has substantial documentation" } ], "negative": [ { "signal": "undeclared_env", "positive": false, "detail": "Uses credentials in code but declares no env vars" } ] }, "files": { "hasExecutableCode": false, "executableFiles": [], "totalFiles": 2 }, "humanSummary": "ethereum-read-only scores 20/100 (Dangerous). It declares no permissions. Fetches from network AND uses eval/Function โ€” can execute remote code. 2 undeclared capabilities detected โ€” the skill does more than its permissions suggest. 3 critical pattern matches in code.", "auditedAt": "2026-04-23T03:44:03.491Z", "vtEnrichment": { "checked": 3, "flagged": 0, "urls": [ { "url": "https://foundry.paradigm.xyz", "malicious": 1, "suspicious": 0, "engines": 91, "cached": true }, { "url": "https://eth-mainnet.alchemyapi.io/v2/YOUR-API-KEY", "malicious": 0, "suspicious": 0, "engines": 0, "cached": false }, { "url": "https://polygon-mainnet.g.alchemy.com/v2/YOUR-API-KEY", "malicious": 0, "suspicious": 0, "engines": 98, "cached": true } ] } }