Security Audit
search-algorand-examples
github.com/algorand-devrel/algorand-agent-skillsTrust Assessment
search-algorand-examples received a trust score of 95/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Expansion of Search to Unvetted Sources.
The analysis covered 4 layers: llm_behavioral_safety, manifest_analysis, static_code_analysis, dependency_graph. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 11, 2026 (commit aafc1c60). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Expansion of Search to Unvetted Sources The skill contains a guideline to expand code searches from the trusted 'algorandfoundation' organization to all of GitHub if a pattern is not found. This introduces a supply chain risk, as the agent may retrieve and present malicious code from unvetted public repositories. An attacker could host a malicious code snippet that appears to be a legitimate example, tricking the user into executing it. Remove the instruction to automatically expand the search. Instead, instruct the agent to inform the user that no examples were found in the trusted repositories and ask for explicit user confirmation before proceeding with a broader, potentially unsafe search across all of GitHub. | Unknown | SKILL.md:63 |
Scan History
Embed Code
[](https://skillshield.io/report/e46d23f8f8f47d96)
Powered by SkillShield