Trust Assessment
revenue-dashboard received a trust score of 79/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. Key findings include Missing required field: name, Skill lacks authentication for sensitive financial data.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Skill lacks authentication for sensitive financial data The skill explicitly states that it has 'No authentication built in' for a dashboard managing crypto holdings, freelance income, and service revenue. This means any process or agent with network access to the skill's default binding address (localhost:3020) can access and potentially modify sensitive financial data without any credentials. This poses a significant risk if the skill is run in an environment where other processes or agents could interact with it. Implement robust authentication and authorization mechanisms for all API endpoints and the dashboard UI. Consider integrating with existing identity providers or implementing a secure local authentication system. | LLM | SKILL.md:50 | |
| MEDIUM | Missing required field: name The 'name' field is required for claude_code skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | skills/sa9saq/revenue-dashboard/SKILL.md:1 |
Scan History
Embed Code
[](https://skillshield.io/report/ee82a9137a467094)
Powered by SkillShield