Trust Assessment
asana received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Arbitrary File Read leading to Data Exfiltration.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Arbitrary File Read leading to Data Exfiltration. The `upload-attachment` command in `scripts/asana.mjs` directly uses the `--file` argument to read a file from the local filesystem (`fs.existsSync`, `fs.createReadStream`). If an attacker can control the value of this argument, they could instruct the skill to read any file accessible to the skill's process and upload its contents to Asana. This poses a significant data exfiltration risk, allowing an attacker to potentially access sensitive files (e.g., configuration files, private keys, user data) from the host system. Remediation: Implement strict input validation and sanitization for the `--file` argument. Restrict file paths to a designated, isolated upload directory or temporary storage. Consider requiring explicit user confirmation for uploads of files outside of expected paths. Running the skill in a sandboxed environment with minimal filesystem access (e.g., Docker with restricted volume mounts) can also mitigate the impact. | LLM | scripts/asana.mjs:1008 |