Security Audit
forvendettaw/viking-memory:root
github.com/forvendettaw/viking-memoryTrust Assessment
forvendettaw/viking-memory:root received a trust score of 10/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 6 findings: 5 critical, 0 high, 1 medium, and 0 low severity. Key findings include Network egress to untrusted endpoints, Potential Path Traversal via 'list' action.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The Manifest Analysis layer scored lowest at 0/100, indicating areas for improvement.
Last analyzed on February 23, 2026 (commit d542ba0a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings6
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Network egress to untrusted endpoints HTTP request to raw IP address Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | SKILL.md:14 | |
| CRITICAL | Network egress to untrusted endpoints HTTP request to raw IP address Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | SKILL.md:29 | |
| CRITICAL | Network egress to untrusted endpoints HTTP request to raw IP address Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | SKILL.md:36 | |
| CRITICAL | Network egress to untrusted endpoints HTTP request to raw IP address Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | SKILL.md:43 | |
| CRITICAL | Network egress to untrusted endpoints HTTP request to raw IP address Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | index.js:7 | |
| MEDIUM | Potential Path Traversal via 'list' action The `listMemoriesHandler` action takes a `path` argument directly from user input and passes it without sanitization to the local `viking-memory` service's `/api/v1/fs/ls` endpoint. If the `viking-memory` service is vulnerable to path traversal (e.g., by not properly validating or sanitizing the `path` parameter), an attacker could use this skill to list arbitrary directories on the host machine, potentially revealing sensitive file system structure or file names. While the skill itself doesn't perform the filesystem operation, it acts as an unvalidated conduit to a potentially sensitive local API. Implement strict input validation and sanitization for the `path` parameter within the `listMemoriesHandler` before sending it to the `viking-memory` service. Ensure that the path is confined to an allowed directory and does not contain path traversal sequences (e.g., `..`, `/`). Alternatively, ensure the `viking-memory` service itself robustly handles and sanitizes the `path` parameter to prevent directory listing outside of its intended scope. | LLM | index.js:100 |
Scan History
Embed Code
[](https://skillshield.io/report/426ec493ef042631)
Powered by SkillShield