Trust Assessment
task-orchestrator received a trust score of 73/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 2 findings: 0 critical, 2 high, 0 medium, and 0 low severity. Key findings include Command Injection via Unsanitized Error Logs in Self-Healing, Command Injection via Unsanitized Issue Descriptions.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on July 1, 2026 (commit a4d31ad1). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Command Injection via Unsanitized Error Logs in Self-Healing The self-healing script captures the last 20 lines of 'error.log' and interpolates them directly into a single-quoted string passed to 'tmux send-keys'. If the error log contains single quotes (which is common in compiler/test outputs or can be deliberately crafted by an attacker), it can break out of the single-quoted shell argument and execute arbitrary commands in the tmux session. Avoid passing raw, unsanitized file contents directly into shell commands or 'tmux send-keys'. Properly escape single quotes before interpolating them into the command string (e.g., using sed to escape single quotes), or pass the error context via an environment variable or a temporary file. | LLM | SKILL.md:160 | |
| HIGH | Command Injection via Unsanitized Issue Descriptions The orchestrator fetches issue titles and descriptions from GitHub and interpolates them into a single-quoted string passed to 'tmux send-keys' (e.g., 'codex --yolo 'Fix issue #N: DESCRIPTION...'). If an issue description contains single quotes or shell metacharacters, it can break out of the single quotes and execute arbitrary commands in the tmux session. Sanitize or escape the issue description before passing it to the shell or 'tmux send-keys'. Alternatively, pass the description via an environment variable or a temporary file rather than direct command-line interpolation. | LLM | SKILL.md:110 |
Scan History
Embed Code
[](https://skillshield.io/report/3eba57a7cacccd4b)
Powered by SkillShield