Trust Assessment
ultrathink received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Skill instructs agent to execute shell command.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on June 1, 2026 (commit 9b0e00ad). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Skill instructs agent to execute shell command The skill explicitly instructs the agent to execute a Bash command using a `bash` code block. While the specific `printf` command provided is benign and only outputs a static string, the presence of direct shell execution capability within a skill is a significant security concern. This grants the agent the ability to run arbitrary commands on the host system if the execution environment is not properly sandboxed, potentially leading to data exfiltration, system compromise, or denial of service. Using shell execution for a simple `printf` command also represents an excessive permission for the skill's stated purpose. Avoid direct shell command execution within skills unless absolutely necessary and ensure robust sandboxing. For displaying static text, the agent should be instructed to print the string directly rather than invoking a shell command. If shell execution is unavoidable, restrict the commands to a very limited allowlist and ensure no user input can influence the command string. | LLM | SKILL.md:5 |
Scan History
Embed Code
[](https://skillshield.io/report/7a22f476383b7857)
Powered by SkillShield