Trust Assessment
overleaf received a trust score of 83/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 3 findings: 0 critical, 1 high, 0 medium, and 1 low severity. Key findings include Node lockfile missing, Unpinned external CLI dependency from custom repository, Requires sensitive session cookie for authentication.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Unpinned external CLI dependency from custom repository The skill's installation instructions, both in the manifest and `scripts/install.sh`, direct the installation of the `olcli` command-line tool. This installation involves adding a custom Homebrew tap (`brew tap aloth/tap`) or installing a global npm package (`npm install -g @aloth/olcli`). In both cases, the version of `olcli` is not pinned, meaning the latest available version will always be installed. This introduces a significant supply chain risk:
1. **Lack of Version Control**: Future versions of `olcli` could introduce breaking changes, vulnerabilities, or malicious code without the skill package explicitly updating its dependency.
2. **Custom Tap Risk**: Relying on a custom Homebrew tap (`aloth/tap`) means the integrity of the `olcli` formula depends entirely on the security of the `aloth/tap` repository. A compromise of this repository could lead to the installation of malicious software. Pin the version of `olcli` in the installation instructions (e.g., `npm install -g @aloth/olcli@1.1.0`). For Homebrew, if possible, specify a version (e.g., `brew install aloth/tap/olcli@1.1`) or consider vendoring the formula if stability and security are paramount. Regularly review and update the pinned version to incorporate necessary updates and security fixes. | LLM | scripts/install.sh:14 | |
| LOW | Node lockfile missing package.json is present but no lockfile was found (package-lock.json, pnpm-lock.yaml, or yarn.lock). Commit a lockfile for deterministic dependency resolution. | Dependencies | skills/aloth/overleaf-skill/package.json | |
| INFO | Requires sensitive session cookie for authentication The skill requires the user to provide an `overleaf_session2` session cookie for authentication with the `olcli` tool. This cookie grants access to the user's Overleaf account and projects. While the skill itself does not exfiltrate this credential, its use by an AI agent means the agent will handle and potentially store this sensitive data. This increases the risk of credential exposure if the agent's environment is compromised, or if the agent's logging mechanisms are not secure. Users should be aware of the sensitivity of this credential. Implement secure credential management practices for the AI agent, such as using a dedicated secrets manager, ensuring credentials are not logged, and limiting the lifespan and scope of session cookies where possible. Educate users on the risks associated with handling session cookies. | LLM | SKILL.md:17 |
Scan History
Embed Code
[](https://skillshield.io/report/7977c66d0bd31e50)
Powered by SkillShield