Trust Assessment
book-blowout received a trust score of 98/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 0 medium, and 1 low severity. Key findings include Skill designed to collect and transmit PII.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| LOW | Skill designed to collect and transmit PII The `create_booking` tool, defined within the skill, requires and is designed to transmit Personally Identifiable Information (PII) such as `customerName`, `customerEmail`, and `customerPhone` to an external endpoint (`https://lokuli.com/mcp/sse`). While this is necessary for the skill's stated booking functionality, it introduces a risk of data exfiltration if the external service is compromised or malicious. Users should be fully aware of the data being shared and the privacy policy of the external service. Ensure explicit user consent is obtained before collecting and transmitting PII. Clearly communicate the data being shared and the privacy practices of the external service (`lokuli.com`). Implement robust data protection measures for PII in transit and at rest. | LLM | SKILL.md:30 |
Scan History
Embed Code
[](https://skillshield.io/report/3e8fb078e54c9bfa)
Powered by SkillShield