Trust Assessment
attio received a trust score of 58/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 1 critical, 1 high, 1 medium, and 0 low severity. Key findings include "Sensitive environment variable access: $HOME", "Unpinned npm dependency in setup script", and "API credentials stored in plaintext configuration file".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | **API credentials stored in plaintext configuration file.** The `setup.sh` script writes sensitive API credentials (`ATTIO_ACCESS_TOKEN` and `ATTIO_WORKSPACE_ID`) directly into the `mcporter` configuration file (`~/.config/mcporter/servers/attio/config.json`) in plaintext. This exposes these credentials to anyone with read access to the local filesystem, making them highly vulnerable to compromise and exfiltration. Storing secrets in plaintext is a significant security risk. Avoid storing sensitive credentials in plaintext files. Instead, rely on environment variables that are set securely at runtime, or integrate with a secure secrets management system. If `mcporter` requires these values in its configuration, investigate if it supports referencing secrets from a secure store or environment variables directly without writing them to the config file. Ensure the `config.json` file has strict permissions (e.g., `chmod 600`) as a temporary mitigation, but prioritize removing plaintext storage. | LLM | setup.sh:60 |
| HIGH | **Unpinned npm dependency in setup script.** The `setup.sh` script installs the `attio-mcp` npm package globally using `npm install -g attio-mcp` without specifying a version. This practice introduces a supply chain risk, as a future execution of the setup script could install a new, potentially malicious, version of the package. This could lead to arbitrary code execution on the system if the `attio-mcp` package maintainer's account is compromised or a malicious update is pushed. Pin the `attio-mcp` dependency to a specific, known-good version (e.g., `npm install -g attio-mcp@1.2.3`) to ensure reproducible and secure installations. Consider using a package lock file if possible. | LLM | setup.sh:24 |
| MEDIUM | **Sensitive environment variable access: $HOME.** Access to sensitive environment variable '$HOME' detected in shell context. Verify this environment variable access is necessary and the value is not exfiltrated. | Static | skills/kesslerio/attio-crm/setup.sh:11 |