Trust Assessment
here-be-git received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Potential Command Injection via .gitignore generation.
The analysis covered 4 layers: manifest_analysis, llm_behavioral_safety, static_code_analysis, dependency_graph. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 11, 2026 (commit 326f2466). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Potential Command Injection via .gitignore generation: The skill instructs the agent to 'Generate an appropriate `.gitignore` based on their input'. If the agent's implementation uses shell commands (e.g., `echo`, `printf`) to create or modify the `.gitignore` file and directly interpolates unsanitized user input, a malicious user could inject arbitrary shell commands. For example, providing input like `*.log\n; rm -rf /` could lead to command execution on the host system. The agent implementation must sanitize or escape user-provided `.gitignore` patterns before using them in any shell command or file write operation. Ideally, the agent should use safe file I/O functions (e.g., Python's `open().write()`) rather than shell commands for writing user-controlled content. If shell commands are unavoidable, ensure all user input is properly quoted and escaped to prevent command injection. | Unknown | SKILL.md:50 |
Full report: https://skillshield.io/report/64befa56bae92450
Powered by SkillShield