Trust Assessment
spec-miner received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 2 findings: 1 critical, 1 high, 0 medium, and 0 low severity. Key findings include Excessive Permissions: Bash tool allowed, Potential Data Exfiltration via Grep of Sensitive Patterns.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on June 1, 2026 (commit e8be415b). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Excessive Permissions: Bash tool allowed The skill declares 'Bash' as an allowed tool in its manifest. Granting 'Bash' access allows the AI agent to execute arbitrary shell commands on the host system. This capability can be exploited for command injection, data exfiltration, system modification, or denial of service if the agent is prompted to execute malicious commands, either directly or indirectly through crafted input. Remove 'Bash' from the 'allowed-tools' list unless absolutely necessary. If shell execution is required, restrict it to a very narrow set of predefined, parameterized commands and ensure all inputs are strictly validated and sanitized. Consider using safer, more specific tools instead of a general-purpose shell. | LLM | Manifest:1 | |
| HIGH | Potential Data Exfiltration via Grep of Sensitive Patterns The skill explicitly instructs the AI to use `Grep` to locate sensitive patterns such as environment variables (`os.environ`), configuration files (`config[`, `settings.`). While this is part of the skill's legitimate function (reverse engineering), it means the AI will actively identify and process potentially sensitive data. If the AI then includes this identified sensitive information in its output, it could lead to inadvertent data exfiltration. This risk is amplified by the presence of the 'Bash' tool, which could be used to further exfiltrate any identified sensitive data. Implement strict output filtering and sanitization to prevent the AI from including sensitive data (like raw environment variables or configuration secrets) in its responses. Instruct the AI to redact or abstract sensitive information when documenting findings. If possible, configure the environment where the skill runs to not contain highly sensitive data or use a sandboxed execution environment. | LLM | SKILL.md:39 |
Scan History
Embed Code
[](https://skillshield.io/report/cc3f7b620cba6bcc)
Powered by SkillShield