Trust Assessment
meetlark received a trust score of 94/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Agent instructed to store sensitive adminToken in memory.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Agent instructed to store sensitive adminToken in memory The skill explicitly instructs the AI agent to store the `adminToken` in its memory for the poll's lifetime. The `adminToken` is described as "Private" and grants full administrative control over a poll. If the AI agent's internal memory or conversational context is not securely managed (e.g., persistent logging, accessible internal state), this sensitive token could be exposed, leading to unauthorized access and manipulation of the poll. Implement secure, ephemeral memory management for sensitive credentials within the AI agent's operational environment. Ensure that agent memory containing such tokens is not persistently logged or easily accessible. Consider using a secure vault or short-lived tokens where possible, or explicitly instructing the agent to forget the token after its immediate use if its full lifetime storage is not strictly necessary. | LLM | SKILL.md:9 |
Scan History
Embed Code
[](https://skillshield.io/report/f89124f063cc3720)
Powered by SkillShield