Security Audit
openai/skills:skills/.curated/openai-docs
github.com/openai/skillsTrust Assessment
openai/skills:skills/.curated/openai-docs received a trust score of 73/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 2 findings: 0 critical, 2 high, 0 medium, and 0 low severity. Key findings include Unsafe deserialization / dynamic eval, Command Injection via Unsanitized Arguments in resolve-latest-model-info.js.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on July 17, 2026 (commit 49f948fa). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Unsafe deserialization / dynamic eval Decryption followed by code execution Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/.curated/openai-docs/scripts/resolve-latest-model-info.js:7 | |
| HIGH | Command Injection via Unsanitized Arguments in resolve-latest-model-info.js The script `scripts/resolve-latest-model-info.js` accepts command-line arguments `--source` or `--url` and passes them directly to `fs.readFile` or `fetch` without validation. If an attacker can control the arguments passed to this script, they can read arbitrary local files (using `file://` or relative paths) or perform Server-Side Request Forgery (SSRF) / data exfiltration via HTTP requests. Restrict the `--source` argument to a strict whitelist of allowed domains (e.g., developers.openai.com) and prevent local file system access via `file://` or relative paths unless explicitly authorized and sanitized. | LLM | scripts/resolve-latest-model-info.js:34 |
Scan History
Embed Code
[](https://skillshield.io/report/d62bc00cedccc052)
Powered by SkillShield