Trust Assessment
bluebubbles received a trust score of 88/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Potential Data Exfiltration via Arbitrary File Path in `sendAttachment`.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 18, 2026 (commit b62bd290). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Potential Data Exfiltration via Arbitrary File Path in `sendAttachment` The `sendAttachment` action allows specifying an arbitrary `path` to a local file. A malicious user could instruct the LLM to use this action to send sensitive files from the agent's host system (e.g., `/etc/passwd`, `~/.ssh/id_rsa`) to an external recipient via BlueBubbles. This capability, if not properly restricted by the underlying execution environment or LLM guardrails, poses a significant data exfiltration risk. Implement strict access controls and sandboxing for file system access by the `message` tool. Validate and sanitize file paths provided by the LLM, potentially restricting access to specific directories or requiring user confirmation for sensitive paths. Consider using a file picker or temporary upload mechanism instead of direct path input for user-provided files. | LLM | SKILL.md:86 |
Scan History
Embed Code
[](https://skillshield.io/report/18d1ffed81110bc1)
Powered by SkillShield