Trust Assessment
beauty-generation-free received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 8 findings: 0 critical, 2 high, 5 medium, and 1 low severity. Key findings include a potential hardcoded secret (high entropy), a suspicious import (urllib.request), potential data exfiltration (file read + network send), and potential command injection via unsanitized user input in shell commands.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The Static Code Analysis layer scored lowest at 50/100; it accounts for six of the eight findings.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (8)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Potential data exfiltration: file read + network send. Function `generate_and_download` reads files and sends data over the network, which may indicate data exfiltration. Review this function to ensure file contents are not being sent to external servers. | Static | skills/luruibu/beauty-generation-api/scripts/generate.py:113 |
| HIGH | Potential command injection via unsanitized user input in shell commands. The skill instructs the AI agent to execute shell commands (`python3 scripts/generate.py` and `curl`) that take user-provided input for arguments such as `--prompt` and `--output-dir`. If the host LLM interpolates user input directly into these shell commands without proper sanitization or escaping, a malicious user could inject arbitrary shell commands; for example, a prompt like `"; rm -rf /; #"` could lead to execution of `rm -rf /`. Similarly, an `--output-dir` argument that accepts arbitrary paths (e.g., `/etc`) could lead to attempts to write into sensitive system directories. The host LLM should ensure all user-provided arguments passed to shell commands are properly escaped or sanitized: for `--prompt`, escape shell metacharacters; for `--output-dir`, restrict paths to a safe, non-sensitive directory or require a relative path inside a designated sandbox. | LLM | SKILL.md:105 |
| MEDIUM | Potential hardcoded secret (high entropy). A high-entropy string (entropy=4.89) was found in a credential-like context. Verify this is not a hardcoded secret; use environment variables for sensitive values. | Static | skills/luruibu/beauty-generation-api/SKILL.md:104 |
| MEDIUM | Potential hardcoded secret (high entropy). A high-entropy string (entropy=4.89) was found in a credential-like context. Verify this is not a hardcoded secret; use environment variables for sensitive values. | Static | skills/luruibu/beauty-generation-api/SKILL.md:114 |
| MEDIUM | Potential hardcoded secret (high entropy). A high-entropy string (entropy=4.89) was found in a credential-like context. Verify this is not a hardcoded secret; use environment variables for sensitive values. | Static | skills/luruibu/beauty-generation-api/SKILL.md:120 |
| MEDIUM | Potential hardcoded secret (high entropy). A high-entropy string (entropy=4.89) was found in a credential-like context. Verify this is not a hardcoded secret; use environment variables for sensitive values. | Static | skills/luruibu/beauty-generation-api/scripts/generate.py:20 |
| MEDIUM | Suspicious import: urllib.request. Import of `urllib.request` detected. This module provides network or low-level system access; verify the import is necessary. Network and system modules in skill code may indicate data exfiltration. | Static | skills/luruibu/beauty-generation-api/scripts/generate.py:13 |
| LOW | Node lockfile missing. package.json is present but no lockfile (package-lock.json, pnpm-lock.yaml, or yarn.lock) was found. Commit a lockfile for deterministic dependency resolution. | Dependencies | skills/luruibu/beauty-generation-api/package.json |
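The HIGH command-injection finding above names the unsafe pattern (user text interpolated into a shell string) but only sketches the fix. The following added example, which is not code from the skill or from SkillShield, shows that construction beside a hardened one for a host that invokes `scripts/generate.py`: no shell at all, an argument vector in `--flag=value` form, and an `--output-dir` confined to a sandbox by comparing fully resolved paths. The script path and the flag names come from the finding; the sandbox directory, the function names and the timeout are assumptions.

```python
"""Hardened host-side invocation of the skill's generate.py.

Added example, not code from the skill or from SkillShield.  The script
path and the --prompt / --output-dir flags are taken from the finding;
the sandbox directory, the function names and the timeout are assumptions.
"""
import subprocess
from pathlib import Path

SCRIPT = "scripts/generate.py"
SANDBOX = Path("/tmp/skill-sandbox")   # assumed location for generated files


def build_shell_command_unsafe(prompt: str, output_dir: str) -> str:
    """The pattern the finding warns about: untrusted text pasted into a
    shell string.  Shown only for contrast; never run the result."""
    return f'python3 {SCRIPT} --prompt "{prompt}" --output-dir {output_dir}'


def confine_output_dir(base, requested: str) -> Path:
    """Resolve `requested` under `base` and refuse anything that escapes it.

    Absolute paths (Path(base) / "/etc" is simply "/etc"), ".." segments and
    symlinks that already exist on disk are all caught, because the check is
    made on the fully resolved path.  Non-strict resolve() lets a directory
    that does not exist yet pass through so the script can create it.
    """
    base = Path(base).resolve()
    candidate = (base / requested).resolve()
    try:
        candidate.relative_to(base)
    except ValueError:
        raise ValueError(f"output dir escapes sandbox: {requested!r}") from None
    return candidate


def build_argv(prompt: str, output_dir: Path) -> list:
    """Argument vector for subprocess.  No shell is involved, so quotes,
    semicolons and $(...) inside `prompt` are inert characters.  The
    --flag=value form keeps a prompt that starts with '-' from being read
    as an option by argparse in the child process."""
    return ["python3", SCRIPT, f"--prompt={prompt}", f"--output-dir={output_dir}"]


def plan_generate(prompt: str, requested_dir: str, sandbox=SANDBOX) -> list:
    """Validate the untrusted inputs and return the argv that would run."""
    return build_argv(prompt, confine_output_dir(sandbox, requested_dir))


def run_generate(prompt: str, requested_dir: str, sandbox=SANDBOX):
    """Execute the plan without a shell; raises on non-zero exit or timeout."""
    argv = plan_generate(prompt, requested_dir, sandbox)
    return subprocess.run(argv, check=True, capture_output=True, text=True, timeout=300)


if __name__ == "__main__":
    evil = '"; rm -rf /; #'        # the payload quoted in the finding
    print(build_shell_command_unsafe(evil, "/etc"))   # a shell would run rm -rf /
    print(plan_generate(evil, "job-42"))             # payload is one inert argv element
    try:
        plan_generate("a portrait", "/etc")
    except ValueError as err:
        print("rejected:", err)
```

Passing an argument vector to `subprocess.run` without `shell=True` is what makes the `"; rm -rf /; #` payload inert; escaping metacharacters for a shell is a weaker second choice. The same applies to the `curl` command the skill describes: build its argv the same way instead of splicing a user-supplied URL or header into a shell line.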
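Four of the MEDIUM findings are the same high-entropy string check (entropy=4.89) reported at different locations; the identical score is consistent with one literal repeated between SKILL.md and generate.py, although the page does not show the string itself. To make such a score meaningful during triage, the following added example (not SkillShield's scanner) computes Shannon entropy in bits per character and scans constructed SKILL.md-style lines for tokens that sit in a credential-like context. The keyword list, the 16-character minimum token length and the 4.5 bits/char threshold are assumptions, and the key in the sample is made up.

```python
"""Shannon-entropy triage for "credential-like context" findings.

Added example, not SkillShield's scanner.  The keyword list, the 16-char
minimum token length and the 4.5 bits/char threshold are assumptions; the
page publishes only the resulting score (4.89), not the scanner's rules.
"""
import math
import re
from collections import Counter

# A keyword that makes a line "credential-like", an optional separator,
# then the candidate token.  Group 1 = keyword, group 2 = token.
CREDENTIAL_RE = re.compile(
    r"(?i)\b(api[_-]?key|secret|token|password|bearer)\b"
    r"\s*[:=]?\s*[\"']?([A-Za-z0-9_\-./+=]{16,})"
)

THRESHOLD_BITS = 4.5   # assumed cut-off in bits per character


def shannon_entropy(s: str) -> float:
    """Bits per character: H = -sum(p * log2 p) over character frequencies.
    A token whose characters are all distinct scores log2(len(s)); English
    words and placeholders such as YOUR_API_KEY_HERE stay well below 4."""
    if not s:
        return 0.0
    n = len(s)
    return -sum((c / n) * math.log2(c / n) for c in Counter(s).values())


def find_candidate_secrets(text: str, threshold: float = THRESHOLD_BITS):
    """Return (line_no, keyword, token, entropy) for every high-entropy token
    found in a credential-like context, one entry per location."""
    hits = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for m in CREDENTIAL_RE.finditer(line):
            token = m.group(2)
            h = shannon_entropy(token)
            if h >= threshold:
                hits.append((line_no, m.group(1), token, round(h, 2)))
    return hits


# Constructed sample resembling a skill's SKILL.md; the key is made up
# (32 distinct characters, so its entropy is exactly log2(32) = 5.0).
FAKE_KEY = "k3Zq9Lx2Wm7Pv0Jn5Rt8Bf1Yc4Hd6SgA"
SAMPLE_SKILL_MD = f"""\
## Configuration
Set your key before running the script:
export API_KEY="{FAKE_KEY}"
curl -H "Authorization: Bearer {FAKE_KEY}" https://api.example.invalid/generate
python3 scripts/generate.py --api-key YOUR_API_KEY_HERE --prompt "a portrait"
"""

if __name__ == "__main__":
    for line_no, kw, token, h in find_candidate_secrets(SAMPLE_SKILL_MD):
        print(f"line {line_no}: {kw!r} -> {token[:8]}... entropy={h}")
```

A score near 4.9 on a 32-character alphanumeric token is what both a real API key and a generated placeholder of the same shape produce, so entropy alone cannot separate them. The practical check is whether the same literal that appears in the SKILL.md examples is also the value at generate.py:20, for instance as the default of an environment-variable lookup; if it is, treat it as a committed credential, rotate it, and replace the default with a hard failure when the variable is unset.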
Full report: https://skillshield.io/report/4b4c239bc4c93681 (powered by SkillShield)