Trust Assessment
here-be-git received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Potential Command Injection via .gitignore generation.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 11, 2026 (commit 326f2466). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Potential Command Injection via .gitignore generation.** The skill instructs the agent to 'Generate an appropriate `.gitignore` based on their input'. If the agent's implementation uses shell commands (e.g., `echo`, `printf`) to create or modify the `.gitignore` file and directly interpolates unsanitized user input, a malicious user could inject arbitrary shell commands. For example, providing input like `*.log\n; rm -rf /` could lead to command execution on the host system. The agent implementation must sanitize or escape user-provided `.gitignore` patterns before using them in any shell command or file write operation. Ideally, the agent should use safe file I/O functions (e.g., Python's `open().write()`) rather than shell commands for writing user-controlled content. If shell commands are unavoidable, ensure all user input is properly quoted and escaped to prevent command injection. | LLM | SKILL.md:50 |
Powered by SkillShield