Trust Assessment
prism-alerts received a trust score of 94/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Server-Side Request Forgery (SSRF) via configurable PRISM_URL.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| MEDIUM | **Server-Side Request Forgery (SSRF) via configurable `PRISM_URL`.** The `alerts.sh` script constructs `curl` requests using the `PRISM_URL` variable, which is configurable via an environment variable and explicitly defined as a configurable parameter in `skill.json`. The script does not perform any validation or sanitization of this URL. A malicious actor or misconfigured environment could set `PRISM_URL` to an arbitrary internal or external host, leading to Server-Side Request Forgery (SSRF). This could allow the skill to be used to probe internal networks, access internal services, or make requests to unintended external endpoints. **Recommendation:** implement strict URL validation for `PRISM_URL`. If the skill is intended to interact only with a specific API, hardcode the URL or implement an allowlist of permitted domains/IPs. If dynamic configuration is necessary, ensure robust input validation to prevent requests to private IP ranges, loopback addresses, or unauthorized external hosts. | LLM | scripts/alerts.sh:4 |
Full report: https://skillshield.io/report/ae341321fba71d70