Security Audit
ghostty
github.com/Mrc220/agent_flywheel_clawdbot_skills_and_integrationsTrust Assessment
ghostty received a trust score of 72/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 1 finding: 1 critical, 0 high, 0 medium, and 0 low severity. Key findings include Arbitrary Command Execution via `ghostty -e`.
The analysis covered 4 layers: manifest_analysis, llm_behavioral_safety, static_code_analysis, dependency_graph. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 11, 2026 (commit c7bd8e0f). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Arbitrary Command Execution via `ghostty -e` The skill explicitly demonstrates the use of `ghostty -e "<command>"`, which allows executing arbitrary shell commands. If an AI agent or a malicious prompt can control the `<command>` argument, it can lead to command injection, enabling full system compromise, data exfiltration, or denial of service on the host system. This grants excessive permissions to the agent, allowing it to run any command with the privileges of the user executing the `ghostty` process. Remove or strictly sanitize any user-controlled input passed to the `ghostty -e` command. If arbitrary command execution is not an intended feature of the skill, remove the `-e` capability from the skill definition. If it is intended, implement robust input validation and sandboxing for the executed commands. Consider using a more restricted IPC mechanism if available, or a wrapper that only allows a predefined set of safe commands. | Unknown | SKILL.md:59 |
Scan History
Embed Code
[](https://skillshield.io/report/02715ffb03da990c)
Powered by SkillShield