Security Audit
openai/openai-agents-python:.agents/skills/pr-draft-summary
github.com/openai/openai-agents-pythonTrust Assessment
openai/openai-agents-python:.agents/skills/pr-draft-summary received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Arbitrary Shell Command Execution via Git Subshell Evaluation.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on July 17, 2026 (commit 965335ab). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Arbitrary Shell Command Execution via Git Subshell Evaluation The skill instructs the LLM to automatically execute complex shell commands, including subshell evaluations and script executions from the local repository path (e.g., `.agents/skills/final-release-review/scripts/find_latest_release_tag.sh`). If an attacker can manipulate the repository files, branch names, or tags, this can lead to arbitrary command execution in the user's local environment. Avoid executing arbitrary shell scripts or complex subshell evaluations directly from the repository. Instead, use safe, built-in git commands or APIs provided by the host environment to retrieve tags and branch information. | LLM | SKILL.md:19 |
Scan History
Embed Code
[](https://skillshield.io/report/81c69548d551192f)
Powered by SkillShield