Security Audit

ailabs-393/ai-labs-claude-skills:dist/skills/storyboard-manager

github.com/ailabs-393/ai-labs-claude-skills

AI SkillCommit 1a12bc7aadcc

TRUSTED

Scanned 18 days ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

ailabs-393/ai-labs-claude-skills:dist/skills/storyboard-manager received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.

SkillShield's automated analysis identified 2 findings: 0 critical, 0 high, 0 medium, and 0 low severity. Key findings include Skill instructs LLM to execute shell commands, Skill requires broad filesystem read/write access to project root.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on March 14, 2026 (commit 1a12bc7a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

100%

Behavioral Risk Signals

Filesystem Write

1 finding

Shell Execution

1 finding

Dynamic Code

1 finding

Excessive Permissions

1 finding

Security Findings2

Severity	Finding	Layer	Location
INFO	Skill instructs LLM to execute shell commands The `SKILL.md` explicitly instructs the host LLM to execute Python scripts via shell commands. While the commands and their arguments (`python3 .claude/skills/storyboard-manager/scripts/timeline_tracker.py . --output markdown`) are hardcoded and point to internal skill scripts, this demonstrates the skill's capability to trigger shell execution. If the command string or its arguments were to become dynamically constructed from untrusted input, it would pose a critical command injection vulnerability. Ensure that any shell commands executed by the LLM are always hardcoded or constructed from trusted, sanitized sources. Implement strict input validation if any part of the command becomes dynamic.	LLM	SKILL.md:200
INFO	Skill requires broad filesystem read/write access to project root The skill's Python scripts (`consistency_checker.py`, `timeline_tracker.py`) are designed to recursively scan and read all `.md` files within the project root. The `SKILL.md` also implies the LLM will use an 'Edit tool' to modify files based on the script's output. This grants the skill broad read and write access to the entire project directory. While this level of access is required for the skill's intended functionality (story management), it represents a significant permission scope. If possible, narrow the scope of filesystem access to only specific subdirectories or file types strictly necessary for the skill's operation. Implement robust access control and sandboxing if the skill were to operate in a multi-user or untrusted environment.	LLM	SKILL.md:60

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/08efc5e699ff577f.svg)](https://skillshield.io/report/08efc5e699ff577f)