Security Audit
create-project
github.com/algorand-devrel/algorand-agent-skillsTrust Assessment
create-project received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Command Injection via Unsanitized User Input in `algokit init`.
The analysis covered 4 layers: dependency_graph, llm_behavioral_safety, static_code_analysis, manifest_analysis. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 11, 2026 (commit aafc1c60). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Command Injection via Unsanitized User Input in `algokit init` The skill instructs the agent to construct and execute an `algokit init` shell command using user-provided input for `<project-name>` and `<name>`. If this input is not properly sanitized, a malicious user could inject arbitrary shell commands by providing input like `my-project; rm -rf ~`. The skill provides no guidance on input validation or sanitization, making it vulnerable to command injection. User-provided inputs intended for shell commands must be strictly sanitized. Validate inputs like `<project-name>` and `<name>` against a restrictive allow-list of characters (e.g., `^[a-zA-Z0-9_-]+$`). Alternatively, ensure the execution environment passes arguments as a list to the process, rather than interpreting a single command string, to prevent shell injection. | Unknown | SKILL.md:25 |
Scan History
Embed Code
[](https://skillshield.io/report/4e7909f7104498f1)
Powered by SkillShield