Trust Assessment
single-cell-rna-qc received a trust score of 48/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 4 findings: 0 critical, 3 high, 1 medium, and 0 low severity. Key findings include Unsafe deserialization / dynamic eval, Path Traversal in Output Directory Creation and File Saving, Regular Expression Denial of Service (ReDoS) via User-Supplied Pattern.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on April 1, 2026 (commit c5207c5e). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings4
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Unsafe deserialization / dynamic eval Decryption followed by code execution Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/single-cell-rna-qc/scripts/qc_core.py:5 | |
| HIGH | Unsafe deserialization / dynamic eval Decryption followed by code execution Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/single-cell-rna-qc/scripts/qc_plotting.py:5 | |
| HIGH | Path Traversal in Output Directory Creation and File Saving The skill directly uses user-provided input for the `--output-dir` argument without proper sanitization. This allows an attacker to specify a path containing directory traversal sequences (e.g., `../../`) to write output files to arbitrary locations on the filesystem where the skill has write permissions. This could lead to overwriting critical system files, placing malicious content, or exfiltrating data by writing it to an accessible location. Sanitize the `output_dir` argument to prevent path traversal. Ensure that the resolved path remains within an allowed base directory. For example, use `pathlib.Path` with `resolve()` and check that the resolved path starts with the expected base output directory, or explicitly remove `..` components from the path. | Static | scripts/qc_analysis.py:100 | |
| MEDIUM | Regular Expression Denial of Service (ReDoS) via User-Supplied Pattern The skill directly uses user-provided input for the `--hb-pattern` argument as a regular expression pattern in `adata.var_names.str.match()`. A malicious user could supply a crafted, computationally expensive (pathological) regular expression. If this regex is applied to a large dataset of gene names, it could lead to a Regular Expression Denial of Service (ReDoS) attack, causing the script to consume excessive CPU resources and potentially hang or crash. Validate or sanitize user-supplied regular expression patterns. Consider implementing a timeout for regex operations or using a regex engine that offers ReDoS protection. Alternatively, restrict the complexity of allowed patterns or provide a predefined set of safe patterns for users to choose from. | Static | scripts/qc_core.py:46 |
Scan History
Embed Code
[](https://skillshield.io/report/12f94b1bedb593f6)
Powered by SkillShield