Trust Assessment
agents-v2-py received a trust score of 70/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 0 medium, and 0 low severity. Key findings include Broadly Pinned Dependency in Installation Instructions.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit e36d6fd3). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| INFO | Broadly Pinned Dependency in Installation Instructions The installation instructions specify `azure-ai-projects>=2.0.0b3`. While this ensures a minimum version, it does not pin the dependency to an exact version. This can lead to non-deterministic builds, potential compatibility issues with future versions, or unexpected behavior if a newer, potentially vulnerable version is released. For robust supply chain security and reproducibility, exact version pinning is generally recommended. Pin `azure-ai-projects` to an exact version (e.g., `azure-ai-projects==2.0.0b3`) to ensure reproducible installations and prevent unexpected updates. Consider using a `requirements.txt` file with exact pins for production environments. | LLM | SKILL.md:10 |
Scan History
Embed Code
[](https://skillshield.io/report/eaa57c42e208053b)
Powered by SkillShield