Trust Assessment
swarm-safety received a trust score of 94/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. The finding is an unpinned dependency in the installation instructions.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| MEDIUM | Unpinned Dependency in Installation Instructions: The installation instructions for the `swarm-safety` package use `pip install swarm-safety` without specifying a version. This means that an AI agent executing these instructions would install the latest available version from PyPI. This exposes the system to supply chain risks, as a malicious or vulnerable update to the package or its dependencies could be inadvertently installed. Pin the dependency to a specific, known-good version (e.g., `pip install swarm-safety==1.0.0`) or use a `requirements.txt` file with pinned versions to ensure deterministic installations. | LLM | skill.md:23 |