Trust Assessment
screen-narrator received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Sensitive Screen Data Sent to External AI Service, Unpinned Dependencies in requirements.txt.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Sensitive Screen Data Sent to External AI Service The skill is designed to capture the user's screen content, active application name, and window title, and send this highly sensitive data to an external AI service (Gemini Flash, as indicated in SKILL.md) for analysis. While the current `analyze_screenshot` function in `server.py` is a placeholder, its explicit comment 'This would call the narrator skill' and the overall skill description confirm this intended data flow. This constitutes a significant data exfiltration risk, as screen content can contain PII, credentials, or other confidential information. Users should be fully aware that their screen activity is being transmitted to a third-party AI. Implement robust data handling practices. Clearly inform users about the data being collected and transmitted, and to which third parties. Ensure the external AI service's data privacy policies are acceptable. Consider implementing client-side redaction or privacy filters for sensitive areas of the screen. If the 'narrator skill' involves an LLM, ensure prompt construction prevents prompt injection and minimizes the exposure of sensitive data to the LLM's context beyond what is strictly necessary for narration. | LLM | server.py:15 | |
| INFO | Unpinned Dependencies in requirements.txt The `SKILL.md` documentation instructs users to install dependencies via `pip install -r requirements.txt`. Without a `requirements.txt` file provided in the context, it's impossible to verify if dependencies are pinned to specific versions. Unpinned dependencies can lead to supply chain risks, where a malicious update to a package could be automatically installed, compromising the skill or the user's system. Ensure all dependencies in `requirements.txt` are explicitly pinned to specific versions (e.g., `package==1.2.3`) to prevent unexpected updates and mitigate supply chain attacks. Regularly audit and update dependencies. | LLM | SKILL.md:26 |
Scan History
Embed Code
[](https://skillshield.io/report/719355e691b8dff8)
Powered by SkillShield