Trust Assessment
noverload received a trust score of 70/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 0 critical, 2 high, 1 medium, and 0 low severity. Key findings include Unpinned external dependency in `npx` command, Execution of external `noverload-mcp` package via `npx`, Personal Access Token passed to external `noverload-mcp` process.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 63/100, indicating areas for improvement.
Last analyzed on February 12, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Unpinned external dependency in `npx` command The skill's manifest configures an `mcp-server` that executes `npx noverload-mcp@latest`. Using `@latest` means the skill will always fetch the newest version of the `noverload-mcp` package from npm. This introduces a significant supply chain risk, as a malicious update to the `noverload-mcp` package could be automatically executed without user review, potentially leading to arbitrary code execution, data exfiltration, or other compromises. Pin the `noverload-mcp` dependency to a specific, known-good version (e.g., `noverload-mcp@1.2.3`) instead of `@latest`. Implement a process for regularly reviewing and manually updating the pinned version after verifying its integrity and security. | LLM | SKILL.md:1 | |
| HIGH | Personal Access Token passed to external `noverload-mcp` process A `NOVERLOAD_TOKEN` (personal access token) is passed as `accessToken` in the `NOVERLOAD_CONFIG` environment variable to the `noverload-mcp` process. If the `noverload-mcp` package (especially given it's unpinned) is compromised or malicious, it could exfiltrate this token, granting unauthorized access to the user's Noverload account. The skill also provides an example configuration to enable write access (`readOnly: false`), which would increase the impact of a token compromise. Users should be explicitly warned about the risks of providing personal access tokens to external processes. Advise users to create Noverload tokens with the minimum necessary permissions (e.g., read-only if write access is not strictly required) and to revoke tokens immediately if any suspicious activity is detected. The `noverload-mcp` package should be thoroughly vetted for secure token handling practices. | LLM | SKILL.md:1 | |
| MEDIUM | Execution of external `noverload-mcp` package via `npx` The skill's `mcp-server` configuration uses `npx` to execute the `noverload-mcp` package. While this is the intended functionality, it means the skill relies on an external Node.js package downloaded from npm. If the `noverload-mcp` package itself were compromised or malicious, it could execute arbitrary commands on the host system where the skill is running, leading to a command injection vulnerability. Thoroughly audit the source code of the `noverload-mcp` package for any malicious or insecure behavior. Consider running the `npx` command in a sandboxed or containerized environment with minimal permissions to limit its potential impact on the host system. | LLM | SKILL.md:1 |
Scan History
Embed Code
[](https://skillshield.io/report/124685896394bc4e)
Powered by SkillShield