Trust Assessment
lieutenant received a trust score of 60/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 5 findings: 0 critical, 1 high, 4 medium, and 0 low severity. Key findings include "Suspicious import: requests", "User input sent to external TrustAgents API", and "Server-Side Request Forgery (SSRF) vulnerability in agent card fetching".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (5)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Server-Side Request Forgery (SSRF) vulnerability in agent card fetching.** The `scripts/verify_agent.py` script's `fetch_agent_card` function directly uses a user-provided URL (from the `--url` argument) to make an HTTP GET request. A malicious actor could provide an internal IP address or a URL pointing to sensitive internal services, potentially allowing the skill to make requests to resources within the host's private network or cloud environment. While the `requests` library has some default protections, it is not a complete safeguard against all SSRF scenarios. Implement robust URL validation to restrict requests to trusted domains or public IP ranges. Consider using an allowlist for hostnames or IP addresses. If fetching from arbitrary URLs is required, ensure the environment where the skill runs is isolated and cannot access sensitive internal resources. | LLM | scripts/verify_agent.py:23 |
| MEDIUM | **Suspicious import: requests.** Import of 'requests' detected. This module provides network or low-level system access. Verify this import is necessary. Network and system modules in skill code may indicate data exfiltration. | Static | skills/jd-delatorre/lieutenant/scripts/scan.py:32 |
| MEDIUM | **Suspicious import: requests.** Import of 'requests' detected. This module provides network or low-level system access. Verify this import is necessary. Network and system modules in skill code may indicate data exfiltration. | Static | skills/jd-delatorre/lieutenant/scripts/verify_agent.py:24 |
| MEDIUM | **User input sent to external TrustAgents API.** The `scripts/scan.py` and `scripts/verify_agent.py` tools are designed to send user-provided text and agent card data, respectively, to an external API endpoint (defaulting to `https://agent-trust-infrastructure-production.up.railway.app`) when the `--api` flag is used. This means any sensitive information contained within the user's input will be transmitted to a third-party service for analysis. While this is the intended functionality for enhanced detection, users should be explicitly aware of this data sharing practice. Clearly document to users that their input data is sent to a third-party service when using the `--api` flag. Ensure the privacy policy of the TrustAgents API is transparent and accessible. | LLM | scripts/scan.py:30 |
| MEDIUM | **User input sent to external TrustAgents API.** The `scripts/scan.py` and `scripts/verify_agent.py` tools are designed to send user-provided text and agent card data, respectively, to an external API endpoint (defaulting to `https://agent-trust-infrastructure-production.up.railway.app`) when the `--api` flag is used. This means any sensitive information contained within the user's input will be transmitted to a third-party service for analysis. While this is the intended functionality for enhanced detection, users should be explicitly aware of this data sharing practice. Clearly document to users that their input data is sent to a third-party service when using the `--api` flag. Ensure the privacy policy of the TrustAgents API is transparent and accessible. | LLM | scripts/verify_agent.py:40 |