Trust Assessment
slopesniper received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Unpinned Git dependency in skill installation.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 12, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Unpinned Git dependency in skill installation The skill's installation manifest specifies a dependency from a Git repository (`git+https://github.com/maddefientist/SlopeSniper.git#subdirectory=mcp-extension`) without pinning to a specific commit hash or tag. This means that future updates to the upstream repository's default branch could introduce malicious code or breaking changes into the skill without explicit review, posing a significant supply chain risk. Pin the Git dependency to a specific commit hash or tag (e.g., `git+https://github.com/maddefientist/SlopeSniper.git@<commit_hash>#subdirectory=mcp-extension`) to ensure deterministic and auditable installations. Regularly review and update the pinned version. | LLM | SKILL.md |
Scan History
Embed Code
[](https://skillshield.io/report/099875637b062a08)
Powered by SkillShield