Trust Assessment
specstory-project-stats received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Data Exfiltration via Arbitrary API Endpoint.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on June 1, 2026 (commit 9454d3f2). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Data Exfiltration via Arbitrary API Endpoint The skill allows the `SPECSTORY_API_URL` environment variable to be set, which can redirect API calls to an arbitrary server. The `projectId`, derived from local filesystem information (e.g., `.git/config`, `.specstory/.project.json`, or current folder name), is then sent to this potentially untrusted endpoint. This constitutes data exfiltration, as local project identifiers are exposed to an attacker-controlled server. Restrict the `SPECSTORY_API_URL` environment variable to a whitelist of trusted domains. If the skill is intended to only interact with the official SpecStory Cloud, remove the ability to override `SPECSTORY_API_URL` via environment variables. If overriding is necessary for development, ensure it is clearly documented as a security risk and only allowed in secure, controlled environments. | Static | scripts/get-stats.js:109 |
Scan History
Embed Code
[](https://skillshield.io/report/a58bd14dc97d15da)
Powered by SkillShield