Security Audit
ncklrs/startup-os-skills:skills/remotion-asset-coordinator
github.com/ncklrs/startup-os-skills
Trust Assessment
ncklrs/startup-os-skills:skills/remotion-asset-coordinator received a trust score of 78/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Potential Command Injection via Example Shell Commands.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on March 10, 2026 (commit 91625964). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Potential Command Injection via Example Shell Commands | LLM | SKILL.md:159 |

The skill document provides numerous shell command examples (e.g., `pngquant`, `magick`, `ffmpeg`, `npm install`) for asset preparation and optimization. If the AI agent is integrated with a tool that allows shell command execution, and if user-provided input is used to construct or substitute arguments in these commands without proper sanitization, it could lead to arbitrary command injection. For example, a malicious user could provide a filename that includes shell commands, which, if executed, could compromise the host system.

1. Implement strict input validation and sanitization for any user-provided data that might be used in constructing shell commands.
2. If shell execution is necessary, ensure the execution environment is sandboxed and has minimal permissions.
3. Prefer using dedicated, parameterized tools or APIs for file operations and transformations instead of generating raw shell commands.
4. Explicitly instruct the LLM that these are examples for the user and not commands for the LLM to execute directly, unless a specific, secure tool call is intended.