Security Audit
claude-dev-suite/claude-dev-suite:skills/api-design/graphql
github.com/claude-dev-suite/claude-dev-suiteTrust Assessment
claude-dev-suite/claude-dev-suite:skills/api-design/graphql received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 0 medium, and 0 low severity. Key findings include Broad File System Permissions Declared.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on March 16, 2026 (commit 8c8434ef). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| INFO | Broad File System Permissions Declared The skill declares 'Write' and 'Edit' permissions, which grant broad access to modify files within the agent's workspace. While potentially necessary for a skill focused on 'GraphQL API design' and 'code generation' (e.g., writing schema files, generating types), these permissions allow arbitrary file modification and should be used with caution. Users should be aware of the scope of these permissions. Review if 'Edit' permission is strictly necessary, or if more granular permissions (e.g., 'Write' to specific directories or file types) could suffice. Ensure the skill's implementation strictly adheres to its stated purpose when using these permissions. | LLM | Manifest:1 |
Scan History
Embed Code
[](https://skillshield.io/report/37c1aee0fbe78f4c)
Powered by SkillShield