Trust Assessment
caldav-calendar received a trust score of 96/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. The finding is a potential command injection via the vdirsyncer `password.fetch` configuration.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| MEDIUM | **Potential Command Injection via vdirsyncer password.fetch configuration.** The skill documentation demonstrates `vdirsyncer`'s `password.fetch` mechanism, which allows executing arbitrary shell commands (e.g., `cat`) to retrieve credentials. While this is a feature of `vdirsyncer` for flexible password retrieval, an AI agent implementing this skill might learn this pattern and, if not carefully sanitizing user input when generating `vdirsyncer` configurations, could introduce a command injection vulnerability. An attacker could potentially provide a malicious command to be executed by `vdirsyncer` if the agent constructs the `command` array using untrusted input. When generating `vdirsyncer` configurations, especially the `password.fetch` directive, ensure that any user-provided input for the command or its arguments is strictly validated and sanitized. Prefer using secure credential storage mechanisms over executing arbitrary shell commands for password retrieval if possible, or restrict the commands to a very limited allowlist. | LLM | SKILL.md:117 |