Security Audit
DietrichGebert/ponytail:skills/ponytail-debt
github.com/DietrichGebert/ponytailTrust Assessment
DietrichGebert/ponytail:skills/ponytail-debt received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Potential Command Injection via Untrusted Filenames in Git Blame.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on June 21, 2026 (commit 6da37bfa). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Potential Command Injection via Untrusted Filenames in Git Blame The skill instructs the LLM to run `git blame -L<line>,<line>` using file paths and line numbers parsed from the output of a `grep` command. If the repository contains files with malicious names (e.g., containing shell metacharacters like semicolons, pipes, or backticks), and the LLM executes these commands in a shell without proper sanitization or escaping, it can lead to arbitrary command execution on the host system. Explicitly instruct the LLM to sanitize all file paths and line numbers extracted from the workspace before passing them to shell commands, or ensure that the underlying tool execution mechanism passes arguments as a safe array rather than evaluating them in a shell shell. | LLM | SKILL.md:18 |
Scan History
Embed Code
[](https://skillshield.io/report/7b74cac8dfce76f7)
Powered by SkillShield