Security Audit
nicobailon/visual-explainer:plugins/visual-explainer
github.com/nicobailon/visual-explainer
Trust Assessment
nicobailon/visual-explainer:plugins/visual-explainer received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Public Exposure of Sensitive Data via Vercel Deployment, Unpinned Dependency Recommendation.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on March 21, 2026 (commit 61f06e81). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Public Exposure of Sensitive Data via Vercel Deployment: The `share.sh` script is designed to deploy user-generated HTML files to Vercel, making them publicly accessible via a live URL. The `SKILL.md` explicitly encourages generating HTML pages for content such as 'diff review', 'plan review', 'project recap', and 'fact-check'. These types of documents are highly likely to contain sensitive, proprietary, or confidential information (e.g., code changes, internal project plans, security assessments). Deploying such content to a public platform like Vercel without explicit user confirmation of the sensitivity of the content constitutes a significant data exfiltration risk. Before deploying, the skill should explicitly prompt the user to confirm that the content of the HTML file is not sensitive and is suitable for public sharing. Alternatively, provide an option to deploy to a private or password-protected environment if Vercel supports it, or clearly warn the user about the public nature of the deployment and advise against sharing sensitive data. The `SKILL.md` should also include a prominent warning about the public nature of shared content. | Static | scripts/share.sh:1 |
| INFO | Unpinned Dependency Recommendation: The `share.sh` script suggests installing the `vercel-deploy` skill using `pi install npm:vercel-deploy` if it's not found. This recommendation does not specify a version or commit hash for the `vercel-deploy` skill, which introduces a supply chain risk. If a malicious version of `vercel-deploy` were published to the npm registry, users following this recommendation could inadvertently install compromised software. When recommending skill installations, always specify a pinned version (e.g., `pi install npm:vercel-deploy@1.2.3`) or a specific commit hash to ensure reproducibility and mitigate the risk of installing a compromised package. The `SKILL.md` or installation instructions should also reflect this best practice. | Static | scripts/share.sh:30 |