Trust Assessment
code-simplifier received a trust score of 51/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 4 findings: 1 critical, 1 high, 2 medium, and 0 low severity. Key findings include "Missing required field: name", "Sensitive environment variable access: $HOME", and "Arbitrary Shell Command Execution".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 15, 2026 (commit 1823c3f6). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings (4)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | **Arbitrary Shell Command Execution.** The skill includes a backtick-enclosed shell command, prefixed with `!`, which is a common pattern in some LLM ecosystems (like `claude_code`) to indicate direct execution of shell commands. This allows the skill to run arbitrary commands on the host system, which is a severe security risk. The skill's stated purpose ('Simplify and improve code clarity') does not justify the need for shell execution capabilities. Remove the backtick-enclosed shell command. If dynamic content or configuration is required, use a safer, sandboxed mechanism provided by the LLM platform, or pre-process the content before it reaches the LLM. Avoid direct shell execution within skill definitions. | LLM | SKILL.md:6 |
| HIGH | **Potential Data Exfiltration via File System Access.** The executed shell command uses `awk` to read content from files located in potentially sensitive directories: `.specweave/skill-memories`, `.claude/skill-memories`, and `$HOME/.claude/skill-memories`. These directories are likely to contain user data, conversation history, internal skill state, or other sensitive information. Extracting this information and potentially feeding it back into the LLM's context or an external service constitutes a significant data exfiltration risk. Avoid reading from arbitrary files on the filesystem, especially from user home directories or skill-specific memory locations. If specific configuration or learning data is required, it should be provided through secure, platform-specific mechanisms that do not involve direct shell access or broad file system traversal. | LLM | SKILL.md:6 |
| MEDIUM | **Missing required field: name.** The 'name' field is required for claude_code skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | plugins/specweave/skills/code-simplifier/SKILL.md:1 |
| MEDIUM | **Sensitive environment variable access: $HOME.** Access to sensitive environment variable '$HOME' detected in shell context. Verify this environment variable access is necessary and the value is not exfiltrated. | Static | plugins/specweave/skills/code-simplifier/SKILL.md:6 |
Scan History
Powered by SkillShield