Trust Assessment
flights received a trust score of 80/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 5 findings: 0 critical, 0 high, 3 medium, and 1 low severity. Key findings include "Suspicious import: requests", "Unpinned Python dependency version", and "Unencoded user input in URL query parameters".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings (5)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| MEDIUM | Suspicious import: requests. Import of 'requests' detected. This module provides network or low-level system access. Verify this import is necessary. Network and system modules in skill code may indicate data exfiltration. | Static | skills/dbhurley/flights/scripts/flights.py:20 |
| MEDIUM | Unpinned Python dependency version. Dependency 'requests>=2.31.0' is not pinned to an exact version. Pin Python dependencies with exact versions where feasible. | Dependencies | skills/dbhurley/flights/pyproject.toml |
| MEDIUM | Unencoded user input in URL query parameters. The `search_flights_flightaware` function constructs a URL query string using user-provided `origin` and `dest` parameters without URL encoding them. This allows for HTTP Parameter Pollution, where an attacker (or a manipulated LLM agent) could inject additional query parameters or manipulate existing ones. If sensitive data were to be injected into these parameters by the agent, it would be exfiltrated to `flightaware.com`. Use `urllib.parse.quote_plus()` to encode user-provided parameters before including them in the URL query string. For example: `url = f"https://www.flightaware.com/live/findflight?origin={urllib.parse.quote_plus(origin)}&destination={urllib.parse.quote_plus(dest)}"` | LLM | scripts/flights.py:75 |
| LOW | API key read from environment, but usage not shown. The skill's documentation (`SKILL.md`) and the presence of `os.getenv("AVIATIONSTACK_API_KEY")` in `scripts/flights.py` indicate that an API key is read from environment variables. While the provided code snippet does not show this key being used in any network requests, its presence implies an intent to use an external API. If the full implementation uses this key in a `requests` call where the destination URL or parameters can be manipulated by user input (e.g., via HTTP Parameter Pollution), it could lead to the exfiltration of the API key. This is a potential risk that cannot be fully assessed without the complete code. Ensure that any API keys read from environment variables are used only with trusted, hardcoded domains and that no part of the URL or request parameters that include the key can be influenced by untrusted user input. Always URL-encode user-provided parameters. | LLM | SKILL.md:60 |
| INFO | Error messages leak internal exception details. The `get_flightaware_status` function (and likely `search_flights_flightaware`, based on truncation) catches broad exceptions and returns `{"error": str(e)}`. This can expose internal exception details, such as file paths, variable names, or stack traces, which could provide an attacker with valuable information about the system's internal structure or vulnerabilities. Implement more specific exception handling. For production environments, return generic error messages to the user and log detailed exceptions internally. Avoid exposing raw exception messages to external callers. | LLM | scripts/flights.py:66 |
Full report: https://skillshield.io/report/65028afe04008463
Powered by SkillShield