Trust Assessment
parakeet-stt received a trust score of 68/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 0 critical, 2 high, 1 medium, and 0 low severity. Key findings include Unpinned Git repository clone, Unpinned Python dependencies from requirements.txt, Local file exfiltration possible if PARAKEET_URL is misconfigured.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 63/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Unpinned Git repository clone The skill instructs users to clone a Git repository (`https://github.com/groxaxo/parakeet-tdt-0.6b-v3-fastapi-openai.git`) without specifying a particular commit hash or tag. This means the cloned code can change over time, potentially introducing vulnerabilities or malicious code without the user's explicit awareness or consent. Future updates to the `main` branch could compromise the skill's integrity. Pin the Git repository to a specific commit hash or tag (e.g., `git clone -b <tag_or_commit_hash> ...`). Regularly review and update the pinned version to ensure security and stability. | LLM | SKILL.md:11 | |
| HIGH | Unpinned Python dependencies from requirements.txt The skill instructs users to install Python dependencies using `pip install -r requirements.txt` from a repository that is cloned without a specific version. This means the `requirements.txt` file and its transitive dependencies can change, potentially introducing malicious packages (e.g., via typosquatting or compromised upstream packages) or vulnerabilities. This lack of pinning makes the build non-deterministic and susceptible to supply chain attacks. Ensure the `requirements.txt` file specifies exact versions for all dependencies (e.g., `package==1.2.3`). Consider using a lock file mechanism (e.g., `pip-tools`, `Poetry`, `Rye`) for deterministic and secure dependency management. | LLM | SKILL.md:18 | |
| MEDIUM | Local file exfiltration possible if PARAKEET_URL is misconfigured The skill processes local audio files and sends them to a service whose endpoint is determined by the `PARAKEET_URL` environment variable. While the skill intends for this to be a local service (`http://localhost:5000`), if a user mistakenly or maliciously configures `PARAKEET_URL` to an external, untrusted endpoint, local audio files (and potentially other sensitive data if the file path is changed) could be exfiltrated to that external server. The manifest explicitly lists `PARAKEET_URL` as an environment variable, highlighting its role in the skill's operation. Emphasize in the documentation that `PARAKEET_URL` *must* point to a trusted, local endpoint. If possible, implement internal checks within the skill to validate the `PARAKEET_URL` scheme and host (e.g., only allow `localhost` or specific private IP ranges) to prevent accidental or malicious redirection. | LLM | SKILL.md:23 |
Scan History
Embed Code
[](https://skillshield.io/report/629f68178eefb771)
Powered by SkillShield