Trust Assessment
straker-verify received a trust score of 95/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Skill designed to upload user files to external service.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 12, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Skill designed to upload user files to external service The skill's primary functionality, as described in the `SKILL.md` documentation, involves uploading user-provided files (e.g., `document.txt`, `source.txt`, `translated.txt`) to the `https://api-verify.straker.ai` external service. While this is the intended purpose of a translation skill, it represents a significant data transfer mechanism. An AI agent utilizing this skill must ensure explicit user consent and awareness when handling sensitive local files to prevent unintended data exfiltration. Without proper safeguards, an agent could inadvertently send confidential user data to a third-party service. AI agents integrating this skill should implement strict user confirmation prompts before uploading any local files to the external service. Clearly communicate the data handling practices and privacy policy of the `straker.ai` service to the user. Ensure the AI agent only uploads files explicitly designated by the user for translation or processing by this skill. | LLM | SKILL.md:39 |
Scan History
Embed Code
[](https://skillshield.io/report/131bde94521a0d59)
Powered by SkillShield