Security Audit
openai/openai-agents-js:.agents/skills/examples-auto-run
github.com/openai/openai-agents-jsTrust Assessment
openai/openai-agents-js:.agents/skills/examples-auto-run received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Arbitrary Code Execution via Node.js Dynamic Import in Shell Script.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on July 17, 2026 (commit 72ca4bc1). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Arbitrary Code Execution via Node.js Dynamic Import in Shell Script The `rerun_list` function in `scripts/run.sh` executes inline Node.js scripts using `node --input-type=module -` and dynamically imports `scripts/run-example-starts.mjs` relative to the `$ROOT` directory. If an attacker can write or modify files in the repository (e.g., via a malicious pull request, untrusted dependency, or compromised workspace), they can inject arbitrary code into `scripts/run-example-starts.mjs` which will be executed with the privileges of the host runner when `run.sh` is invoked. Avoid dynamic imports of local files inside inline Node.js scripts executed from shell wrappers. Instead, parse configuration files statically (e.g., JSON or YAML) or use a dedicated, non-dynamic CLI entry point with strict input validation. | LLM | scripts/run.sh:154 |
Scan History
Embed Code
[](https://skillshield.io/report/e8c926f3e594dfa5)
Powered by SkillShield