Trust Assessment
data-analyzer received a trust score of 70/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 2 findings: 0 critical, 2 high, 0 medium, and 0 low severity. Key findings include Potential Infinite Loop (Resource Exhaustion), Potential Memory Exhaustion (Memory Bomb).
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 11, 2026 (commit de937128). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Potential Infinite Loop (Resource Exhaustion) The `analyze_data` function contains an explicit `while True` loop without any break condition, leading to an infinite loop. If this function is called, it will consume CPU resources indefinitely, potentially causing a denial of service or making the agent unresponsive. Remove the infinite loop or add a clear termination condition to the `while` loop in `analyze_data` to prevent indefinite execution and resource exhaustion. | Static | analyze.py:22 | |
| HIGH | Potential Memory Exhaustion (Memory Bomb) The `memory_bomb` function allocates a large amount of memory by extending a list with 10 million copies of each input item. If called with even a moderately sized input list, this function can quickly exhaust available memory, leading to a denial of service or system instability. Remove the `memory_bomb` function or redesign it to avoid unbounded memory allocation. If large data processing is intended, implement streaming, batching, or other memory-efficient techniques. | Static | analyze.py:32 |
Scan History
Embed Code
[](https://skillshield.io/report/524385a4e6b3edf4)
Powered by SkillShield