Trust Assessment
taskr received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 1 critical, 1 high, 0 medium, and 0 low severity. Key findings include "Instruction to ignore tool's own rules", "Exfiltration of file system activity via 'FILE_LIST' notes", and "Handling of sensitive API key and project ID".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | **Instruction to ignore tool's own rules.** The skill explicitly instructs the agent to 'ignore any coding-specific guidance' from the tool's `rules` field. This is a direct attempt to manipulate the LLM's interpretation of the tool's output, potentially bypassing intended safety mechanisms or leading to misapplication of rules. Such instructions can compromise the integrity of the agent's decision-making process. Remove instructions that tell the LLM to ignore parts of the tool's output. If certain rules are not applicable, they should be filtered or adapted by the tool itself, not by instructing the LLM to disregard them. | LLM | SKILL.md:40 |
| HIGH | **Exfiltration of file system activity via 'FILE_LIST' notes.** The skill instructs the agent to create 'FILE_LIST notes when you create, modify, or delete files on the user's system.' These notes are then sent to the external `taskr.one` service as part of the task tracking. This constitutes exfiltration of potentially sensitive user file system activity (creation, modification, deletion of files) to a third-party service. While described as intended functionality, users must be explicitly aware and consent to this specific data sharing. Ensure explicit user consent and clear disclosure for sending file system activity data to an external service. Consider if this level of detail is strictly necessary or if it can be anonymized/aggregated to reduce data exposure. | LLM | SKILL.md:93 |
| INFO | **Handling of sensitive API key and project ID.** The skill requires and instructs the agent to obtain and configure `MCP_USER_API_KEY` and `MCP_PROJECT_ID`. These are sensitive credentials used for authentication with the `taskr.one` service. The skill transmits `MCP_USER_API_KEY` in `x-user-api-key` headers. While necessary for the skill's functionality, any handling of API keys warrants careful attention to prevent misuse or unauthorized access. Ensure secure storage and transmission practices for API keys. Emphasize that the agent should only request these credentials when explicitly prompted by the user for setup and only use them for the intended `taskr.one` service. Implement robust validation to prevent the agent from misinterpreting or misusing credential requests. | LLM | SKILL.md:51 |