Trust Assessment
agent-analytics received a trust score of 84/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. The findings are "Potential Command Injection via Unsanitized User Input in Shell Commands" and "Unpinned Dependency for 'npx' Command".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Potential Command Injection via Unsanitized User Input in Shell Commands.** The skill provides shell command templates (e.g., `npx agent-analytics events PROJECT_NAME`, `curl ... project=my-site`) that are intended for execution by the AI agent. These commands contain placeholders like `PROJECT_NAME` or `my-site`. If the AI agent populates these placeholders with untrusted user input without proper sanitization, escaping, or quoting, it could lead to command injection, allowing an attacker to execute arbitrary shell commands on the host system. The skill does not provide explicit guidance or mechanisms for safe input handling. Instruct the AI agent to always sanitize and properly quote or escape any user-controlled input before incorporating it into shell commands. Consider providing helper functions or libraries that abstract away direct shell command construction and ensure safe parameter passing. Add explicit warnings in the skill documentation about the dangers of unsanitized input. | LLM | SKILL.md:40 |
| MEDIUM | **Unpinned Dependency for 'npx' Command.** The skill instructs the use of `npx agent-analytics` without specifying a version (e.g., `npx agent-analytics@1.1.0`). By default, `npx` will fetch and execute the latest available version of the `agent-analytics` package from npm. This introduces a supply chain risk, as a malicious update to the `agent-analytics` package could be automatically downloaded and executed by the AI agent, potentially leading to arbitrary code execution or data exfiltration. Pin the `agent-analytics` package to a specific, known-good version (e.g., `npx agent-analytics@1.1.0`) to prevent automatic execution of potentially malicious or breaking updates. Regularly review and update the pinned version after verifying its integrity. | LLM | SKILL.md:38 |