Trust Assessment
roier-seo received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 7 findings: 0 critical, 1 high, 2 medium, and 2 low severity. Key findings include Hidden network beacons / undisclosed telemetry, Unpinned npm dependency version, Node lockfile missing.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 12, 2026 (commit 458b1186). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (7)
| Severity | Finding | Detail | Recommendation | Layer | Location |
|---|---|---|---|---|---|
| HIGH | Hidden network beacons / undisclosed telemetry | DNS query with variable subdomain (DNS exfiltration) | Remove undisclosed network calls and telemetry. All outbound communication should be documented and necessary for the skill's stated purpose. BCC injection in email tools is almost always malicious. | Manifest | cli-tool/components/skills/web-development/roier-seo/scripts/audit-api.js:172 |
| MEDIUM | Unpinned npm dependency version | Dependency 'lighthouse' is not pinned to an exact version ('^12.0.0'). | Pin dependencies to exact versions to reduce drift and supply-chain risk. | Dependencies | cli-tool/components/skills/web-development/roier-seo/scripts/package.json |
| MEDIUM | Network egress to untrusted endpoints | HTTP request to raw IP address | Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | cli-tool/components/mcps/devtools/figma-dev-mode.json:4 |
| LOW | Node lockfile missing | package.json is present but no lockfile was found (package-lock.json, pnpm-lock.yaml, or yarn.lock). | Commit a lockfile for deterministic dependency resolution. | Dependencies | cli-tool/components/skills/web-development/roier-seo/scripts/package.json |
| LOW | Covert behavior / concealment directives | Multiple zero-width characters (stealth text) | Remove hidden instructions, zero-width characters, and bidirectional overrides. Skill instructions should be fully visible and transparent to users. | Manifest | cli-tool/components/mcps/devtools/jfrog.json:4 |
| INFO | Chrome `--no-sandbox` flag used in audit script | The `audit.js` script launches Chrome with the `--no-sandbox` flag. While common for headless environments, this flag disables a critical security feature of Chrome. If the audited website contains malicious content that can exploit a Chrome vulnerability, disabling the sandbox could allow an attacker to escape the browser process and potentially affect the host system where the skill is running. This increases the risk when auditing untrusted or external URLs. | Consider removing the `--no-sandbox` flag if the skill is used to audit potentially malicious or untrusted external content, or if the execution environment is not sufficiently isolated. Ensure the environment running the skill is secure and isolated. | Static | scripts/audit.js:60 |
| INFO | API key passed via command line and URL parameter | The `audit-api.js` script accepts an API key via a command-line argument (`--key=API_KEY`) and then includes it directly in the URL for the PageSpeed Insights API request. Passing sensitive information like API keys via command-line arguments can expose them to other users on the same system (e.g., via `ps aux`) or in shell history. Including it in the URL can lead to its exposure in server logs, proxy logs, or browser history, which could be a credential harvesting risk if the key is highly sensitive. | For highly sensitive API keys, consider alternative methods for secure credential handling, such as environment variables, a dedicated credential store, or a configuration file with restricted permissions. For this specific Google API key, which is typically less sensitive and rate-limited, the current approach might be acceptable, but users should be aware of the exposure risks. | Static | scripts/audit-api.js:160 |
Full report: https://skillshield.io/report/f4708e69090eb0ab