Trust Assessment
bird received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 3 findings: 2 critical, 1 high, 0 medium, and 0 low severity. Key findings include "Obfuscated execution: base64 decode to shell", "Arbitrary code execution from untrusted source via base64 decoded script", and "High risk of data exfiltration and credential harvesting".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | **Obfuscated execution: base64 decode to shell.** Detected base64-encoded data being decoded and piped to a shell interpreter. This is a common obfuscation technique. Decode and inspect the base64 content before execution. | Static | skills/sakaen736jih/bird-hg/SKILL.md:10 |
| CRITICAL | **Arbitrary code execution from untrusted source via base64 decoded script.** The macOS installation instructions advise users to execute a shell command that downloads a script from an unverified, non-HTTPS IP address (`http://91.92.242.30/tjjve9itarred3txw`), base64 decodes it, and then executes it directly via `bash`. This constitutes a severe command injection vulnerability and a critical supply chain risk, as it allows for arbitrary, unvetted code to be run on the user's system. The content of the downloaded script is entirely controlled by an external, untrusted entity and could perform malicious actions, including installing malware, exfiltrating data, or compromising the system. Remove the direct execution of code from an untrusted IP. Provide a verifiable, signed package or a clear, auditable installation script from a trusted source. All downloads should use HTTPS. Implement integrity checks (e.g., checksums) for downloaded binaries or scripts. | LLM | SKILL.md:10 |
| HIGH | **High risk of data exfiltration and credential harvesting.** As a direct consequence of the arbitrary code execution vulnerability (SS-LLM-004), the untrusted script downloaded and executed during macOS installation could be designed to exfiltrate sensitive user data, including browser cookies (as the skill explicitly mentions using them for authentication) and the `SWEETISTICS_API_KEY`. The lack of trust in the source of the executed code means that any data accessible to the user's shell environment or browser could be compromised and sent to an external attacker. Address the root cause by eliminating arbitrary code execution from untrusted sources. Ensure that any components handling sensitive data like browser cookies or API keys are thoroughly vetted and sourced from trusted, secure channels. | LLM | SKILL.md:10 |