Trust Assessment
dash-cog received a trust score of 97/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 0 medium, and 1 low severity. Key findings include Unpinned Dependency.
The analysis covered 4 layers: dependency_graph, llm_behavioral_safety, manifest_analysis, static_code_analysis. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 15, 2026 (commit b520750d). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| LOW | Unpinned Dependency The skill's manifest specifies a dependency 'cellcog' without a version constraint. This can lead to unexpected behavior or security vulnerabilities if a new, incompatible, or malicious version of the dependency is published and automatically pulled. Pin the 'cellcog' dependency to a specific version or a version range (e.g., `"cellcog==1.2.3"` or `"cellcog>=1.0.0,<2.0.0"`) to ensure stability and prevent supply chain attacks. | Unknown | SKILL.md:1 |
Scan History
Embed Code
[](https://skillshield.io/report/be8bc46fa8d4e4e2)
Powered by SkillShield