Trust Assessment
security received a trust score of 79/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. Key findings include Missing required field: name, Shell command attempts to read files from user's home directory.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 15, 2026 (commit 1823c3f6). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Shell command attempts to read files from user's home directory The skill includes a shell command prefixed with `!` (indicating execution) that attempts to read markdown files from various directories, including `$HOME/.claude/skill-memories`. This poses a significant data exfiltration risk, as it could allow the agent to access and potentially expose sensitive information stored in the user's home directory if the execution environment permits arbitrary file system access. Remove the shell command or restrict its file access to only skill-specific, non-sensitive directories. Ensure the agent's execution environment strictly prevents arbitrary file system access, especially to user home directories or sensitive configuration files. If the intent is to load skill-specific configuration, use a secure, sandboxed mechanism. | LLM | SKILL.md:5 | |
| MEDIUM | Missing required field: name The 'name' field is required for claude_code skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | plugins/specweave/skills/security/SKILL.md:1 |
Scan History
Embed Code
[](https://skillshield.io/report/e08a034059e73f36)
Powered by SkillShield