This skill contains patterns for remote execution or sensitive file access. Review the source carefully before installing.
Secure-by-default environment variable management for Claude Code sessions.
AI-powered evaluation of trust, security posture, quality signals, and fit for your use case. Grounded in the skill's actual data.
Detected signals: hidden HTML comments, remote execution pattern, sensitive file access, missing license.
• Downloads and executes remote code at runtime. Review the SKILL.md carefully — this pattern is a high-severity signal unless the skill explicitly documents the source and integrity checks.
• Accesses sensitive files (.env, credential files). For this skill type, this is worth investigating before using in production.
• Contains HTML comments in the skill definition. This is sometimes used to embed hidden instructions. Review the raw SKILL.md if you want to audit the full content.
• No license declared. Usage rights are ambiguous — contact the skill author before using commercially.
Compare this skill side-by-side with an alternative to find the best fit.
Compare with another skill →