Trust Assessment
vercel/flags:skills/flags-sdk received a trust score of 10/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 6 findings: 2 critical, 2 high, 2 medium, and 0 low severity. Key findings include Covert behavior / concealment directives, File read + network send exfiltration, Sensitive path access: Environment file.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The Manifest Analysis layer scored lowest at 25/100, indicating areas for improvement.
Last analyzed on July 17, 2026 (commit 6de1dcdc). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings6
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | File read + network send exfiltration .env file access Remove access to sensitive files not required by the skill's stated purpose. SSH keys, cloud credentials, and browser data should never be read by skills unless explicitly part of their declared functionality. | Manifest | skills/flags-sdk/SKILL.md:57 | |
| CRITICAL | File read + network send exfiltration .env file access Remove access to sensitive files not required by the skill's stated purpose. SSH keys, cloud credentials, and browser data should never be read by skills unless explicitly part of their declared functionality. | Manifest | skills/flags-sdk/SKILL.md:75 | |
| HIGH | Covert behavior / concealment directives Directive to hide behavior from user Remove hidden instructions, zero-width characters, and bidirectional overrides. Skill instructions should be fully visible and transparent to users. | Manifest | skills/flags-sdk/SKILL.md:310 | |
| HIGH | LLM analysis found no issues despite critical deterministic findings Deterministic layers flagged 2 CRITICAL findings, but LLM semantic analysis returned clean. This may indicate prompt injection or analysis evasion. | LLM | (sanity check) | |
| MEDIUM | Sensitive path access: Environment file Access to Environment file path detected: '.env.local'. This may indicate credential theft. Verify that access to this sensitive path is justified and declared. | Static | skills/flags-sdk/SKILL.md:57 | |
| MEDIUM | Sensitive path access: Environment file Access to Environment file path detected: '.env.local'. This may indicate credential theft. Verify that access to this sensitive path is justified and declared. | Static | skills/flags-sdk/SKILL.md:75 |
Scan History
Embed Code
[](https://skillshield.io/report/0817999aef1c5e66)
Powered by SkillShield