Trust Assessment
linkedin received a trust score of 82/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. Key findings include "Instruction to extract and potentially provide sensitive session cookie" and "Reliance on browser tool with broad access to sensitive web content".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Instruction to extract and potentially provide sensitive session cookie.** The skill provides explicit instructions for the user to manually extract the `li_at` session cookie from their browser. While it states 'Store securely for API requests', this instruction encourages the user to handle a highly sensitive credential (a session token) which could then be provided to the agent. If the agent is given this cookie, it could be used to impersonate the user on LinkedIn, leading to unauthorized access and actions without explicit user consent for each action. Avoid instructing users to manually extract and provide session cookies. If API access is required, prefer secure authentication mechanisms like OAuth flows or dedicated, revocable API tokens. If a cookie is absolutely necessary, implement robust, secure handling mechanisms within the agent and clearly warn the user about the significant risks involved. | LLM | SKILL.md:49 |
| MEDIUM | **Reliance on browser tool with broad access to sensitive web content.** The skill heavily utilizes a `browser` tool capable of `snapshot` (capturing page content), `navigate` (visiting arbitrary URLs), and `act` (interacting with page elements like typing and clicking). While the skill includes safety guidelines ('Never send messages without explicit user approval'), the inherent capabilities of such a tool grant broad access to the user's browser environment and any sensitive information displayed on LinkedIn or other navigated pages. A malicious or compromised agent using this skill could potentially capture sensitive data via `snapshot` or perform unauthorized actions via `act`. Implement stricter access controls for the `browser` tool, if possible, limiting its scope to only necessary domains or specific UI elements. Ensure that any `snapshot` or `act` operations, especially those involving sensitive data or actions, require explicit, real-time user confirmation. Consider sandboxing the browser environment to minimize potential impact. | LLM | SKILL.md:25 |