Working reference for agents using the Tessl CLI — create and publish plugins/skills, install from the registry, update, lint, and run evals.
68
86%
Does it follow best practices?
Impact
—
No eval scenarios have been run
Risky
Do not use without reviewing
Security
2 findings — 1 high severity, 1 medium severity. You should review these findings carefully before considering using this skill.
The skill handles credentials insecurely by requiring the agent to include secret values verbatim in its generated output. This exposes credentials in the agent’s context and conversation history, creating a risk of data exfiltration.
Insecure credential handling detected (high risk: 1.00). This SKILL.md includes a concrete CLI example that embeds an Authorization Bearer token in a command/header (tessl agent mcp add ... --header "Authorization: Bearer token"), which instructs including secrets verbatim in output/commands and is therefore high-risk.
The skill fetches instructions or code from an external URL at runtime, and the fetched content directly controls the agent’s prompts or executes code. This dynamic dependency allows the external source to modify the agent’s behavior without any changes to the skill itself.
Potentially malicious external URL detected (high risk: 0.80). The file shows runtime agent-facing commands that contact external endpoints to fetch and install plugins that contain SKILL.md (prompt/instruction) content — e.g. the MCP example URL https://mcp.example.com (SKILL.md:364) and the git install reference github:user/repo (SKILL.md:253) — which can directly control agent prompts when fetched mid-session.