Trust Assessment
book-flooring received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include PII sent to external service via `create_booking` tool.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | PII sent to external service via `create_booking` tool The `create_booking` tool is configured to send Personally Identifiable Information (PII) including `customerName`, `customerEmail`, and `customerPhone` to the external endpoint `https://lokuli.com/mcp/sse`. This poses a data exfiltration risk as sensitive user data is transmitted to a third-party service, which could lead to privacy violations or data misuse if the service is compromised or malicious. Review the necessity of sending all PII to this external service. Ensure `lokuli.com` has robust data privacy and security policies. Consider anonymizing or minimizing data where possible. Implement explicit user consent mechanisms before transmitting PII to third-party services. | LLM | SKILL.md:46 |
Scan History
Embed Code
[](https://skillshield.io/report/7e495db89b173f1f)
Powered by SkillShield