Trust Assessment
conclave received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 3 findings: 0 critical, 0 high, 2 medium, and 1 low severity. Key findings include: "Skill instructs agent to collect and transmit operator's email (PII)"; "Skill instructs agent to store and use API token (credential)"; and "Skill instructs agent to share verification URL".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| MEDIUM | **Skill instructs agent to collect and transmit operator's email (PII).** The skill explicitly instructs the AI agent to ask its operator for their email address and then transmit it to the `POST /register` endpoint. This involves the collection and transmission of Personally Identifiable Information (PII) to an external service (`https://api.conclave.sh`). While this is an intended function of the skill, it represents a data handling risk that requires careful consideration of privacy and security practices by the service provider and the agent's environment. Ensure robust data privacy practices are in place for the `conclave.sh` service. Agents should be explicitly aware of PII transmission. Consider if alternative, less identifying methods for operator verification are possible, or if the email can be handled directly by the operator without agent involvement. | LLM | skill.md:18 |
| MEDIUM | **Skill instructs agent to store and use API token (credential).** The skill instructs the AI agent to save a generated `token` as `CONCLAVE_TOKEN` and include it in `Authorization: Bearer <token>` headers for all authenticated requests. The manifest also indicates this token is a primary environment variable and required configuration. While this is a standard method for API authentication, it highlights the critical importance of secure storage and handling of this token by the agent's environment to prevent unauthorized access or leakage. The skill itself provides a warning about storing it securely. Implement secure credential management best practices within the agent's execution environment. Ensure the `CONCLAVE_TOKEN` is stored in a secure, encrypted manner and is not exposed in logs, temporary files, or insecure environment variables. Access to this token should be strictly controlled. | LLM | skill.md:30 |
| LOW | **Skill instructs agent to share verification URL.** The skill instructs the AI agent to 'Share the `verificationUrl` with your operator'. While sharing with the intended operator is legitimate for verification, the method of sharing is not specified. Depending on the agent's capabilities and environment, this could potentially lead to the URL being shared through insecure channels (e.g., public logs, unencrypted messages) or inadvertently exposed, which might compromise the verification process or leak sensitive information. Agents should be instructed to use secure, private communication channels for sharing sensitive URLs or information with operators. The skill documentation could optionally suggest secure sharing methods (e.g., direct secure message, encrypted channel) to mitigate potential information disclosure risks. | LLM | skill.md:33 |