Trust Assessment
self-improvement received a trust score of 73/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 2 findings: 0 critical, 2 high, 0 medium, and 0 low severity. Key findings include Command Injection via Hook Configuration, Supply Chain Risk: Uninspected Executable Scripts.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 11, 2026 (commit 0676c56a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Command Injection via Hook Configuration The skill explicitly instructs the agent to configure its environment (e.g., via `.claude/settings.json`) to execute shell scripts (`activator.sh`, `error-detector.sh`, `extract-skill.sh`) through hooks. These scripts are located within the skill's own directory (`./skills/self-improvement/scripts/`). The content of these scripts is not provided in the skill context, meaning their behavior is unknown. If these scripts contain malicious commands or are vulnerable to untrusted input, they will be executed by the agent, leading to potential command injection. Review the content of `activator.sh`, `error-detector.sh`, and `extract-skill.sh` scripts. Ensure they perform only intended, safe operations and do not accept or process untrusted input in a way that could lead to arbitrary command execution. If the scripts are not provided, this skill should be considered high risk until they are audited. Implement strict sandboxing or execution policies for external scripts. | LLM | SKILL.md:204 | |
| HIGH | Supply Chain Risk: Uninspected Executable Scripts The skill package includes instructions for the agent to execute shell scripts (`activator.sh`, `error-detector.sh`, `extract-skill.sh`) that are part of the skill's own directory. The content of these scripts is not provided in the analysis context. This poses a significant supply chain risk, as the behavior of these executable components is unknown. Malicious or vulnerable code within these scripts could be executed by the agent, compromising the system. Provide the full content of all executable scripts (`activator.sh`, `error-detector.sh`, `extract-skill.sh`) within the skill package for security analysis. Without their content, the skill should be treated as high risk. Ensure that any scripts executed are thoroughly vetted and adhere to security best practices. | LLM | SKILL.md:204 |
Scan History
Embed Code
[](https://skillshield.io/report/dbe0dd16795d9e18)
Powered by SkillShield