Trust Assessment
windows-builder received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 1 critical, 2 high, 0 medium, and 0 low severity. Key findings include WinRM configured for unencrypted communication and insecure SSL, Remote Code Execution via unverified script download, Unpinned package installations from public repositories.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 40/100, indicating areas for improvement.
Last analyzed on June 1, 2026 (commit 339a1139). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | WinRM configured for unencrypted communication and insecure SSL The `scripts/setup-winrm.ps1` script explicitly sets `AllowUnencrypted="true"` for the WinRM service, and the Packer HCL configurations for both AWS and Azure examples set `winrm_insecure = true`. This combination means that all WinRM communication, including authentication credentials (e.g., `winrm_username` and its associated password), will be transmitted in plaintext over the network. This makes the credentials highly vulnerable to interception by attackers, leading to potential compromise of the build environment or the resulting image. 1. Remove `winrm set winrm/config/service '@{AllowUnencrypted="true"}'` from `scripts/setup-winrm.ps1`. 2. Ensure `winrm_use_ssl = true` is always used. 3. Remove `winrm_insecure = true` and configure proper SSL/TLS certificates for WinRM, or ensure the network path is fully isolated and trusted if `winrm_insecure` is strictly necessary for a build environment. | LLM | SKILL.md:40 | |
| HIGH | Remote Code Execution via unverified script download The skill uses `iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))` to install Chocolatey. This command downloads a PowerShell script from a remote URL and immediately executes its content without any integrity checks (e.g., hash verification). This creates a significant supply chain risk: if `community.chocolatey.org` were compromised, or if the script content were maliciously altered, arbitrary code could be executed on the build machine, potentially leading to a full compromise of the image being built or the build environment. 1. Download the Chocolatey installation script to a trusted, version-controlled location (e.g., a local script in the repository or an internal artifact repository). 2. Verify the script's integrity using a cryptographic hash before execution. 3. Consider using a more secure method for Chocolatey installation, such as a pre-packaged installer or a trusted internal mirror. | LLM | SKILL.md:95 | |
| HIGH | Unpinned package installations from public repositories The skill installs software using `choco install -y googlechrome`, `choco install -y 7zip`, and `Install-Module -Name PSWindowsUpdate -Force`. These commands fetch the latest available versions of packages from public repositories (Chocolatey, PowerShell Gallery) without specifying exact versions or performing integrity checks. This introduces a supply chain risk:
* **Non-deterministic builds:** The installed versions can change over time, leading to inconsistent build outputs.
* **Vulnerability introduction:** A new version of a package could introduce a security vulnerability.
* **Repository compromise:** If the public repositories or the packages themselves are compromised, malicious software could be installed onto the image. 1. **Pin package versions:** Always specify exact versions for Chocolatey packages (e.g., `choco install -y googlechrome --version=100.0.4896.75`) and PowerShell modules (e.g., `Install-Module -Name PSWindowsUpdate -RequiredVersion 2.2.0.4`). 2. **Use internal mirrors/proxies:** Configure Chocolatey and PowerShell to use internal, trusted package repositories that cache and scan packages. 3. **Integrity verification:** Implement mechanisms to verify the integrity of downloaded packages (e.g., checksums) before installation. | LLM | SKILL.md:103 |
Scan History
Embed Code
[](https://skillshield.io/report/7ea47f8495f05e33)
Powered by SkillShield