Trust Assessment
design-md received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Potential Server-Side Request Forgery (SSRF) via URL fetching.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit e36d6fd3). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Potential Server-Side Request Forgery (SSRF) via URL fetching The skill instructs the agent to download content from `htmlCode.downloadUrl` and `screenshot.downloadUrl` using `web_fetch` or `read_url_content`. These URLs are retrieved from the `Stitch MCP Server` via `get_screen`. If an attacker can manipulate the `downloadUrl` values returned by the `Stitch MCP Server` (e.g., by creating a malicious project or compromising the server), the agent could be coerced into making requests to arbitrary internal or external network resources, potentially leading to information disclosure or access to internal services. Implement strict URL validation (e.g., whitelist allowed domains, check for private IP ranges, ensure URLs point to expected Stitch asset storage) before using `web_fetch` or `read_url_content`. Consider sandboxing network requests to prevent access to unintended resources. | LLM | SKILL.md:59 |
Scan History
Embed Code
[](https://skillshield.io/report/3e42c50abb607a04)
Powered by SkillShield