Security Audit

3d-cog

github.com/CellCog/cellcog_python

AI SkillCommit 89ffa28e56d9

TRUSTED

Scanned about 2 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

3d-cog received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.

SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Potential Data Exfiltration via File Access Mechanism.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 20, 2026 (commit 89ffa28e). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

85%

Behavioral Risk Signals

Filesystem Write

1 finding

Shell Execution

1 finding

Excessive Permissions

1 finding

Security Findings1

Severity	Finding	Layer	Location
HIGH	Potential Data Exfiltration via File Access Mechanism The skill documentation demonstrates the use of a `<SHOW_FILE>` tag to include content from local files (e.g., images) in prompts. If the underlying system that processes this tag does not properly validate or sandbox file paths, an attacker could potentially use this mechanism to read arbitrary files from the agent's filesystem (e.g., configuration files, credentials, sensitive user data) and exfiltrate their contents through the generated 3D model or subsequent agent responses. The examples provided use relative paths, but the mechanism's security depends entirely on the implementation of the `<SHOW_FILE>` handler. This represents a potential excessive permission if not strictly controlled. Ensure that the system processing `<SHOW_FILE>` tags strictly validates file paths, restricts access to a sandboxed directory, and prevents traversal attacks (e.g., `../`, absolute paths outside allowed directories). Implement robust access control and logging for file access attempts. The agent environment should enforce least privilege for file access.	LLM	SKILL.md:107

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/e7dcb281742c2cbf.svg)](https://skillshield.io/report/e7dcb281742c2cbf)