Skills For Real Engineers — agentic threat model
This agent skill library presents a high-risk profile due to its integration with local developer environments, CI/CD, and sensitive issue trackers (GitHub, Linear). While open-source and designed for human-in-the-loop control, malicious or poorly-configured skills could lead to repository compromise or local code execution.
OWASP AIVSS score rationale
| Agentic risk factor | Score |
| --- | --- |
| Autonomy of Action | 0.40 |
| Goal-Driven Planning | 0.50 |
| Self-Modification | 0.10 |
| Dynamic Tool Use | 0.70 |
| Persistent Memory | 0.30 |
| Contextual Awareness | 0.60 |
| Dynamic Identity | 0.40 |
| Multi-Agent Interactions | 0.50 |
| Non-Determinism | 0.60 |
| Opacity & Reflexivity | 0.40 |
Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
MAESTRO 7-layer threat model
Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.
Layer 1, Foundation Models: Not certain from the listing. The repository contains skills and prompts for external models like Claude Code or Codex, but does not bundle, host, or directly manage a foundation model itself.
Layer 2, Data Operations: Not certain from the listing. The skills interact with local files, documentation storage, and issue trackers, but the repository itself does not define a specific vector database or data pipeline.
Layer 3, Agent Frameworks: The repository provides composable skills, prompt engineering, and tool integrations (issue triage, documentation) for agentic developer tools. Threats include insecure tool integration, prompt injection within the skills, or malicious skill definitions.
Layer 4, Deployment and Infrastructure: Installed via `npx skills@latest` and integrated into local developer environments or CI/CD. Threats include remote code execution (RCE) via malicious npm packages, local privilege escalation, and unauthorized access to local files or issue trackers.
Layer 5, Evaluation and Observability: Not certain from the listing. The description mentions keeping engineers in control and addressing misalignment, but does not detail built-in evaluation, logging, or guardrail frameworks.
Layer 6, Security and Compliance: Integrates with GitHub, Linear, and local files, requiring API tokens or local access rights. Threats include insecure storage of these credentials and a lack of fine-grained authorization controls for the agent.
Layer 7, Agent Ecosystem: Designed to extend coding agents like Claude Code or Codex. Threats include cascading failures if a skill behaves unexpectedly, or trust abuse between the orchestrating agent and the installed skills.
MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).
These scores are auto-generated from public information (the agent's own listing, docs, and repository) using the canonical OWASP AIVSS formula and the MAESTRO framework — an estimate for guidance, not a penetration test, audit, or certification.