Trust Assessment
score-eval received a trust score of 66/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. The key finding is a potential arbitrary file read via a user-controlled path.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on May 1, 2026 (commit 38c7da85). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Potential for arbitrary file read via user-controlled path. The skill description indicates it will 'Read the diff file at the path provided' where the path is derived from `$ARGUMENTS`. If `$ARGUMENTS` is not properly sanitized or restricted, an attacker could provide a path to any file on the system (e.g., `/etc/passwd`, `/app/secrets.txt`), leading to data exfiltration. This grants excessive read permissions beyond the skill's intended scope. Implement strict input validation for `$ARGUMENTS` to ensure it refers only to intended diff files within a restricted directory. Use a sandbox environment that limits file system access to only necessary paths. Avoid direct use of user-provided paths for file operations without proper sanitization and validation. | LLM | SKILL.md:1 |