Trust Assessment
catalog received a trust score of 94/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Skill uses broad command execution tool.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Skill uses broad command execution tool The skill explicitly instructs the LLM to use an 'Exec Tool' to run local commands. While the current instruction specifies a benign command (`node {baseDir}/catalog.js`), the underlying 'Exec Tool' capability typically grants broad permissions to execute arbitrary commands on the host system. This broad permission could be exploited if the skill's instructions or local files were compromised, or if the LLM were to be prompted to execute other commands, leading to potential system compromise or data manipulation. Restrict the 'Exec Tool' to a whitelist of allowed commands and arguments, or use a more specialized tool that only performs the required action without general command execution capabilities. Ensure that any arguments passed to the command are strictly validated and sanitized to prevent command injection. | LLM | SKILL.md:8 |
Scan History
Embed Code
[](https://skillshield.io/report/99eb8f8e0a4c9544)
Powered by SkillShield