Trust Assessment
storybook-rsbuild received a trust score of 67/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 0 critical, 2 high, 1 medium, and 0 low severity. Key findings include Reliance on external, untrusted documentation for critical instructions, Potential for command injection via compromised external documentation, Broad filesystem and command execution permissions implied.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 63/100, indicating areas for improvement.
Last analyzed on June 1, 2026 (commit 76880945). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Reliance on external, untrusted documentation for critical instructions The skill explicitly states that the 'Single source of truth is upstream' and instructs the agent to 'Fetch the relevant `storybook.rsbuild.rs` page for version tables, install commands, and config conversion patterns.' This means the agent will retrieve and act upon instructions from an external website. If `storybook.rsbuild.rs` were compromised, the agent could be directed to install malicious software, use incorrect versions, or apply harmful configurations, leading to a supply chain attack on the user's project. Implement strict content validation and sandboxing for any data fetched from external URLs. Consider mirroring critical documentation or using cryptographic verification (e.g., subresource integrity for scripts, signed documentation) if possible. The agent should prompt the user for confirmation before executing any commands derived from external sources. | LLM | SKILL.md:10 | |
| HIGH | Potential for command injection via compromised external documentation The skill instructs the agent to fetch 'install commands' and 'apply the install/remove mapping from the migration guide' from `storybook.rsbuild.rs`. If this external documentation is compromised (as identified in the supply chain risk), it could provide malicious package names or commands that the agent would then execute through the project's package manager (e.g., `npm install malicious-package`) or directly (e.g., `storybook dev --evil-flag`). This is a direct consequence of the reliance on untrusted external sources for executable instructions. As with supply chain risk, implement strict validation and sandboxing. The agent should parse and validate package names and commands from external sources, and critically, *always* prompt the user for explicit confirmation before executing any commands that modify the system or install software, especially if those commands originate from an external, unverified source. | LLM | SKILL.md:79 | |
| MEDIUM | Broad filesystem and command execution permissions implied The skill's instructions require the agent to read and write various project files (`package.json`, `.storybook/main.*`, create new story files) and execute system commands (package manager commands, `storybook dev`, `storybook build`). This implies the agent operates with broad filesystem access and command execution capabilities. Without explicit sandboxing or granular permission controls, these broad permissions could be abused if the agent is compromised or manipulated (e.g., via prompt injection or the identified supply chain risk), potentially leading to unauthorized file modifications, data exfiltration, or arbitrary code execution beyond the skill's intended scope. The agent execution environment should enforce least privilege. Implement granular permissions for file system access and command execution, requiring explicit user confirmation for sensitive operations. Ensure that the agent's tools are sandboxed and cannot access or modify files outside the immediate project context. | LLM | SKILL.md:44 |
Scan History
Embed Code
[](https://skillshield.io/report/a8e67bdaf846f15c)
Powered by SkillShield