Trust Assessment
vydra received a trust score of 68/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 2 findings: 1 critical, 0 high, 1 medium, and 0 low severity. The key findings are "Skill instructs agent to store API key on local filesystem" and "Skill instructs agent to fetch and potentially execute dynamic skill definition from external URL".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 63/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Skill instructs agent to fetch and potentially execute dynamic skill definition from external URL. The skill documentation includes an instruction for the agent to fetch `skill.md` from `https://vydra.ai/skill.md`. If the agent's runtime environment interprets this fetched content as new instructions or skill definitions, it introduces a significant supply chain risk. A compromise of `vydra.ai` could lead to the agent downloading and executing malicious instructions, effectively becoming a prompt injection vector from an external, untrusted source. This bypasses static analysis and introduces a dynamic attack surface. Agents should not be instructed to dynamically fetch and execute skill definitions or instructions from external URLs. All skill definitions should be static, reviewed, and part of the trusted skill package. If dynamic updates are required, they must be delivered through a secure, signed, and verified update mechanism, not via direct `curl` commands. | LLM | SKILL.md:109 |
| MEDIUM | Skill instructs agent to store API key on local filesystem. The skill documentation instructs the agent to save its newly acquired API key to a local file (`~/.config/vydra/credentials.json`). While this is a common pattern for traditional CLI tools, in an AI agent context, it means the agent is being instructed to manage its own secrets on the filesystem. This could pose a security risk if the agent's execution environment does not properly isolate its filesystem, or if other skills or processes could access this file, leading to credential harvesting or data exfiltration. Recommend using secure, ephemeral credential management provided by the agent platform (e.g., a secret store or environment variables) instead of instructing the agent to write secrets to the local filesystem. If local storage is unavoidable, emphasize strong access controls and encryption. | LLM | SKILL.md:26 |