Security Audit
filesystem-context
github.com/muratcankoylan/Agent-Skills-for-Context-EngineeringTrust Assessment
filesystem-context received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Path Traversal in ScratchPadManager.offload.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on July 1, 2026 (commit 175cee7c). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Path Traversal in ScratchPadManager.offload The `offload` method in `ScratchPadManager` constructs a file path by directly concatenating the `source` parameter into the filename and joining it with `self.base_path`. If an attacker can control or manipulate the `source` parameter (e.g., via tool names or user-controlled inputs), they can use directory traversal sequences (like `../`) to write arbitrary files outside the intended scratch directory, potentially leading to arbitrary file write or remote code execution. Sanitize the `source` parameter to ensure it does not contain path traversal characters (e.g., by extracting only the basename using `os.path.basename(source)` or validating that the resolved path is a strict subdirectory of `self.base_path`). | LLM | scripts/filesystem_context.py:83 |
Scan History
Embed Code
[](https://skillshield.io/report/977cdea9b0f21ad2)
Powered by SkillShield