Security Audit
create-project
github.com/algorand-devrel/algorand-agent-skillsTrust Assessment
create-project received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Command Injection via Unsanitized User Input in `algokit init`.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 11, 2026 (commit aafc1c60). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Command Injection via Unsanitized User Input in `algokit init` The skill instructs the agent to construct and execute an `algokit init` shell command using user-provided input for `<project-name>` and `<name>`. If this input is not properly sanitized, a malicious user could inject arbitrary shell commands by providing input like `my-project; rm -rf ~`. The skill provides no guidance on input validation or sanitization, making it vulnerable to command injection. User-provided inputs intended for shell commands must be strictly sanitized. Validate inputs like `<project-name>` and `<name>` against a restrictive allow-list of characters (e.g., `^[a-zA-Z0-9_-]+$`). Alternatively, ensure the execution environment passes arguments as a list to the process, rather than interpreting a single command string, to prevent shell injection. | LLM | SKILL.md:25 |
Scan History
Embed Code
[](https://skillshield.io/report/4e7909f7104498f1)
Powered by SkillShield