Trust Assessment
qveris received a trust score of 87/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 0 high, 2 medium, and 0 low severity. Key findings include Unpinned Python dependency version, Broad External Tool Access via QVeris API.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Unpinned Python dependency version Dependency 'httpx>=0.25.0' is not pinned to an exact version. Pin Python dependencies with exact versions where feasible. | Dependencies | skills/hqman/qveris/pyproject.toml | |
| MEDIUM | Broad External Tool Access via QVeris API The skill is designed to provide access to a wide range of external tools via the QVeris API, described as 'thousands of API tools' covering diverse functionalities like 'weather, search, data retrieval, stock trading analysis, etc.' While this broad access is the intended purpose of the skill, it means that an AI agent utilizing this skill could, if compromised (e.g., via prompt injection), be coerced into performing a vast array of unintended actions through these external tools. This includes potentially sensitive operations such as financial transactions, accessing various data sources, or executing web searches for malicious purposes, depending on the specific tools available through QVeris and the permissions associated with the provided API key. The skill acts as a powerful gateway to external capabilities. 1. **Principle of Least Privilege**: If feasible, restrict the scope of the `QVERIS_API_KEY` to only the specific tool categories or individual tools absolutely necessary for the skill's intended function. This limits the potential blast radius of a compromise. 2. **Human-in-the-Loop**: For sensitive actions (e.g., financial transactions, data modifications, or access to private information) that could be initiated through the QVeris API, implement a human approval step. 3. **Contextual Guardrails**: Implement robust LLM-level guardrails and safety policies to prevent the agent from using this skill for unintended or malicious purposes, even if prompted to do so. 4. **Output Validation**: Ensure the LLM carefully validates and sanitizes any output received from QVeris before acting upon it or presenting it to the user, to mitigate potential prompt injection via tool results. | LLM | SKILL.md:1 |
Scan History
Embed Code
[](https://skillshield.io/report/5053fc81c9cfef6f)
Powered by SkillShield