Trust Assessment
npm received a trust score of 74/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 0 critical, 1 high, 2 medium, and 0 low severity. Key findings include "Missing required field: name", "Direct interpolation of package version into shell command", and "Direct interpolation of package version into `awk` regex pattern".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 15, 2026 (commit 1823c3f6). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Direct interpolation of package version into shell command.** The skill instructs the LLM to extract the package version from `package.json` using `node -p "require('./package.json').version"` and then directly interpolates this value into a `gh release create` command. If the `version` field in `package.json` contains shell metacharacters (e.g., `1.0.0"; evil_command #`), this could lead to arbitrary command execution. While `package.json` is typically a trusted project file, a compromised project or malicious pull request could exploit this pattern. Instruct the LLM to sanitize or properly quote the `NEW_VERSION` variable when used in shell commands. For `gh release create`, ensure the version string is escaped for shell interpretation, for example, by using `printf %q` or a dedicated shell escaping function/library. | LLM | SKILL.md:180 |
| MEDIUM | **Missing required field: name.** The `name` field is required for claude_code skills but is missing from the frontmatter. Add a `name` field to the SKILL.md frontmatter. | Static | plugins/specweave/skills/npm/SKILL.md:1 |
| MEDIUM | **Direct interpolation of package version into `awk` regex pattern.** The skill instructs the LLM to extract release notes using `awk` where `NEW_VERSION` is directly embedded into a regex pattern: `/## \[$NEW_VERSION\]/{...}`. If `NEW_VERSION` contains regex metacharacters (e.g., `]`, `[`, `/`, `*`, `+`, `?`, `.`, etc.), it could lead to a regex syntax error, unexpected matching behavior, or a Regular Expression Denial of Service (ReDoS) if a complex, vulnerable regex is formed. Instruct the LLM to escape regex metacharacters in `NEW_VERSION` before embedding it into the `awk` pattern. For example, `NEW_VERSION_ESCAPED=$(echo "$NEW_VERSION" \| sed 's/[][\/.^$*+?(){}\|-]/\\&/g')` and then use `NEW_VERSION_ESCAPED` in the `awk` command. | LLM | SKILL.md:170 |