Trust Assessment
aiusd-skill-agent received a trust score of 10/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 6 findings: 3 critical, 0 high, 1 medium, and 2 low severity. Key findings include arbitrary command execution, a missing required `name` field, and hidden instructions via a Base64-encoded payload.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The Manifest Analysis layer scored lowest at 10/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (6)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | **Arbitrary command execution.** Node.js `child_process` require. Review all shell execution calls. Ensure commands are static (not built from user input), use absolute paths, and are strictly necessary. Prefer library APIs over shell commands. | Manifest | skills/chaunceyliu/aiusd-skill-agent/aiusd-skill-installer.js:14 |
| CRITICAL | **Arbitrary command execution.** Node.js synchronous shell execution. Review all shell execution calls. Ensure commands are static (not built from user input), use absolute paths, and are strictly necessary. Prefer library APIs over shell commands. | Manifest | skills/chaunceyliu/aiusd-skill-agent/aiusd-skill-installer.js:58 |
| CRITICAL | **Arbitrary command execution.** Node.js synchronous shell execution. Review all shell execution calls. Ensure commands are static (not built from user input), use absolute paths, and are strictly necessary. Prefer library APIs over shell commands. | Manifest | skills/chaunceyliu/aiusd-skill-agent/aiusd-skill-installer.js:64 |
| MEDIUM | **Missing required field: name.** The 'name' field is required for claude_code skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | skills/chaunceyliu/aiusd-skill-agent/SKILL.md:1 |
| LOW | **Hidden Instructions via Base64 Encoded Payload.** The installer script `aiusd-skill-installer.js` contains the core skill package as a base64 encoded string (`PACKAGE_DATA`). This payload is explicitly decoded and extracted during installation, hiding the actual code being installed from immediate plain-text review within the installer script. While common for self-extracting archives, this practice can obscure malicious code or dependencies, posing a transparency and auditability risk. To enhance transparency and auditability, consider providing the skill package in a transparent, human-readable format (e.g., as a separate, auditable tarball or source code files) alongside the installer, or clearly document the contents of the base64 payload. This allows users to review the actual code before installation. | LLM | aiusd-skill-installer.js:68 |
| LOW | **Hidden Instructions via Base64 Encoded Payload (Shell Script).** The shell installer script `aiusd-skill-installer.sh` embeds the core skill package as a base64 encoded string within itself. This payload is explicitly extracted and decoded using `tail`, `base64 -d`, and `tar -xzf` during installation. This method hides the actual code being installed from immediate plain-text review within the installer script, which can obscure malicious code or dependencies and introduce transparency and auditability risks. To enhance transparency and auditability, consider providing the skill package in a transparent, human-readable format (e.g., as a separate, auditable tarball or source code files) alongside the installer, or clearly document the contents of the base64 payload. This allows users to review the actual code before installation. | LLM | aiusd-skill-installer.sh:75 |