Trust Assessment
gnamiblast received a trust score of 95/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Unpinned dependency in installation instructions.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Unpinned dependency in installation instructions The installation command `npx molthub@latest install gnamiblast` uses an unpinned version (`@latest`) of the `molthub` package manager. This practice can introduce a supply chain risk, as a compromise of the `molthub` package could lead to the installation of malicious code if a new, compromised version is published. Pinning the version ensures deterministic and secure installations. Pin the version of `molthub` used in the installation command (e.g., `npx molthub@1.2.3 install gnamiblast`) to ensure deterministic and secure installations and mitigate supply chain risks. | LLM | skill.md:22 |
Scan History
Embed Code
[](https://skillshield.io/report/c75195eccd3c5954)
Powered by SkillShield