Trust Assessment
secrets-management received a trust score of 41/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 5 findings: 1 critical, 1 high, 2 medium, and 1 low severity. Key findings include Network egress to untrusted endpoints, Sensitive environment variable access: $GITHUB_ENV, GitLab CI example prints sensitive variables to logs.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on June 1, 2026 (commit 0818067b). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings5
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Network egress to untrusted endpoints HTTP request to raw IP address Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | plugins/cicd-automation/skills/secrets-management/SKILL.md:57 | |
| HIGH | GitLab CI example prints sensitive variables to logs The GitLab CI example explicitly echoes `$API_KEY` and `$DATABASE_URL` to standard output. This means these sensitive values will be visible in the job logs, posing a significant data exfiltration risk. This directly contradicts the 'Mask secrets in logs' best practice mentioned later in the skill. Remove `echo` statements that print sensitive variables. Ensure all sensitive variables are masked or handled securely without being exposed in logs. For GitLab, use the `variables` section with `masked: true` or ensure scripts do not print them directly. | LLM | SKILL.md:203 | |
| MEDIUM | Sensitive environment variable access: $GITHUB_ENV Access to sensitive environment variable '$GITHUB_ENV' detected in shell context. Verify this environment variable access is necessary and the value is not exfiltrated. | Static | plugins/cicd-automation/skills/secrets-management/SKILL.md:142 | |
| MEDIUM | GitHub Actions Vault example prints sensitive username to logs The GitHub Actions example for Vault integration includes an `echo` statement that prints the `$DB_USERNAME` to the console. While not a password, usernames can be sensitive information, especially when combined with other potential leaks, and should generally be masked or avoided in logs as per best practices. This contradicts the 'Mask secrets in logs' best practice mentioned later in the skill. Remove the `echo` statement that prints `$DB_USERNAME`. If debugging is needed, use masked output or ensure the username is not considered sensitive in the specific context. | LLM | SKILL.md:91 | |
| LOW | GitHub Actions use unpinned major versions for actions The GitHub Actions examples use actions pinned only to their major versions (`@v2`, `@v4`). While common, this practice means that any new release within that major version will be automatically pulled. This could potentially introduce breaking changes, vulnerabilities, or, in a worst-case scenario, malicious code if the action's repository is compromised. Pinning to a specific full version (`vX.Y.Z`) or a commit SHA is more secure for production environments. Pin GitHub Actions to specific full versions (e.g., `v2.1.5`) or commit SHAs instead of just major versions (`@v2`). This provides better supply chain security and reproducibility. This issue also applies to `aws-actions/configure-aws-credentials@v4` on line 128. | LLM | SKILL.md:80 |
Scan History
Embed Code
[](https://skillshield.io/report/68c901b916884cad)
Powered by SkillShield