convert-web-app

[Skill Scanner] Skill instructions include directives to hide actions from user All findings: [HIGH] autonomy_abuse: Skill instructions include directives to hide actions from user (BH009) [AITech 13.3] [HIGH] supply_chain: Installation of third-party script detected (SC006) [AITech 9.1.4] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] The combined assessment identifies Report 2 as the most balanced and comprehensive among the three, providing actionable guidance on server tooling, CSP considerations, and hybrid initialization. It acknowledges legitimate security risks primarily from misconfiguration rather than intrinsic malicious intent. An improved final plan should emphasize strict CSP whitelisting, secure PostMessage usage, and formal validation of host context handling before deployment. LLM verification: This skill/documentation is functionally coherent and aligns with its stated purpose (adding MCP App support). I found no active malicious code (no reverse shells, obfuscated payloads, credential exfiltration, or hidden remote endpoints) in the provided content. The primary security concerns are supply-chain related: multiple unpinned dependency/install instructions and cloning an upstream GitHub repo without pinning or reproducible install guidance. These increase the risk that a compromised de