Trust Assessment
security-reviewer received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Broad 'Bash' permission declared.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 11, 2026 (commit 3d5e297b). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Broad 'Bash' permission declared The skill declares 'Bash' in its 'allowed-tools', granting it the ability to execute arbitrary shell commands. While this permission may be necessary for a 'security-reviewer' skill performing tasks like penetration testing or running SAST tools, it represents a significant security risk due to its broad nature. If the skill's runtime instructions were to be compromised (e.g., via prompt injection or malicious input), this permission could be abused to execute arbitrary commands, exfiltrate data, or disrupt systems. The declaration of this powerful capability creates a potential exploit path for command injection. Carefully review all uses of `Bash` within the skill's implementation to ensure commands are strictly controlled and sanitized. Implement robust input validation and output sanitization for any `Bash` commands. Consider if more granular permissions or a sandboxed environment could achieve the skill's objectives with less risk. If possible, restrict `Bash` usage to a predefined set of safe commands or arguments. | Static | SKILL.md:1 |
Scan History
Embed Code
[](https://skillshield.io/report/c69c07edc08d9a84)
Powered by SkillShield