Trust Assessment
exchange-rates received a trust score of 82/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. Key findings include Hardcoded API Token for Browserless CDP, Potential Excessive Permissions via Browserless CDP.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Hardcoded API Token for Browserless CDP.** A sensitive API token for connecting to the Browserless Chrome DevTools Protocol (CDP) endpoint is hardcoded directly in the `xe-rate.mjs` script. This token (`ec546a08aed110e96f64cc645bdb58fa8829a63349d6ae53`) is exposed in plain text, which could allow unauthorized access to the Browserless service if the skill is publicly distributed or the token is reused. Hardcoding credentials is a significant security risk. Store the CDP token securely, for example in an environment variable (`process.env.CDP_TOKEN`) or a secrets management system. Do not hardcode sensitive credentials in source code. | LLM | scripts/xe-rate.mjs:6 |
| MEDIUM | **Potential Excessive Permissions via Browserless CDP.** The skill connects to a local Browserless Chrome DevTools Protocol (CDP) endpoint. While `localhost` limits direct external network exposure, the Browserless service itself might be configured with broad permissions (e.g., access to the host filesystem via `file://` URLs, or to internal network resources). If the Browserless instance is not properly sandboxed or configured with the principle of least privilege, this skill could potentially leverage those capabilities, leading to excessive permissions or unintended data access. Ensure the Browserless service (or any CDP endpoint) is run in a highly sandboxed environment with the minimum necessary permissions. Restrict its network access and prevent access to the host filesystem. The skill itself should also validate and sanitize all inputs before passing them to browser navigation or evaluation functions to mitigate potential browser-side exploits. | LLM | scripts/xe-rate.mjs:5 |