Security Audit
generating-practice-questions
github.com/https-deeplearning-ai/sc-agent-skills-files
Trust Assessment
generating-practice-questions received a trust score of 88/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Insecure Code Generation from Untrusted Input.
The analysis covered 4 layers: dependency_graph, llm_behavioral_safety, manifest_analysis, static_code_analysis. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 11, 2026 (commit d3e7b4f6). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Insecure Code Generation from Untrusted Input**<br>The skill instructs the LLM to generate Python code for coding exercises based on user-provided input files (e.g., lecture notes). The prompt does not sufficiently restrict the generated code, explicitly allowing the use of the full Python 'standard library' which includes dangerous modules like 'os', 'subprocess', and 'socket'. A specially crafted input file could contain instructions that trick the LLM into generating a malicious script that executes arbitrary commands, accesses the filesystem, or exfiltrates data when run by the user.<br>Update the prompt to explicitly forbid the use of dangerous modules. Add a constraint such as: "The generated code must NOT import or use modules capable of filesystem access, networking, or command execution (e.g., os, subprocess, sys, shutil, socket, requests). Only use modules from the approved list and safe standard library modules like 'math' or 'random'." The agent should also warn the user to review any generated code before execution. | Unknown | SKILL.md:86 |