Trust Assessment
my-tesla received a trust score of 98/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 0 medium, and 1 low severity. Key findings include Unpinned dependency range for teslapy.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| LOW | Unpinned dependency range for teslapy The `teslapy` dependency is specified with a minimum version (`>=2.0.0`) but not an upper bound or exact version. This could lead to unexpected behavior or security vulnerabilities if future versions of `teslapy` introduce breaking changes or new exploits. While common, precise pinning is a best practice for supply chain security. Pin the `teslapy` dependency to a specific version or a more restrictive range (e.g., `teslapy~=2.0.0` or `teslapy==2.0.0`) to ensure consistent behavior and prevent unexpected issues from future updates. | LLM | scripts/tesla.py:13 |
Scan History
Embed Code
[](https://skillshield.io/report/5560dc039fd92b2a)
Powered by SkillShield