Trust Assessment
ccsinfo received a trust score of 10/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 6 findings: 3 critical, 2 high, 1 medium, and 0 low severity. Key findings include Persistence / self-modification instructions, Network egress to untrusted endpoints, File read + network send exfiltration.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The Manifest Analysis layer scored lowest at 10/100, indicating areas for improvement.
Last analyzed on February 12, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings6
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Persistence / self-modification instructions Shell RC file modification for persistence Remove any persistence mechanisms. Skills should not modify system startup configurations, crontabs, LaunchAgents, systemd services, or shell profiles. | Manifest | skills/myakove/ccsinfo/SKILL.md:49 | |
| CRITICAL | Network egress to untrusted endpoints HTTP request to raw IP address Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/myakove/ccsinfo/SKILL.md:46 | |
| CRITICAL | File read + network send exfiltration AI agent config/credential file access Remove access to sensitive files not required by the skill's stated purpose. SSH keys, cloud credentials, and browser data should never be read by skills unless explicitly part of their declared functionality. | Manifest | skills/myakove/ccsinfo/SKILL.md:23 | |
| HIGH | Sensitive path access: AI agent config Access to AI agent config path detected: '~/.claude/'. This may indicate credential theft. Verify that access to this sensitive path is justified and declared. | Static | skills/myakove/ccsinfo/SKILL.md:23 | |
| HIGH | Unpinned Git Dependency in Installation Script The `scripts/install.sh` uses `uv tool install git+https://github.com/myk-org/ccsinfo.git` to install the `ccsinfo` CLI tool. This command installs directly from the default branch of the Git repository without specifying a commit hash, tag, or specific branch. This introduces a supply chain risk, as a compromise of the `myk-org/ccsinfo` repository could lead to malicious code being injected into the main branch, which would then be unknowingly installed and executed on the user's system. Pin the dependency to a specific commit hash or version tag. For example: `uv tool install git+https://github.com/myk-org/ccsinfo.git@<commit_hash>` or `uv tool install git+https://github.com/myk-org/ccsinfo.git@v1.2.3` to ensure deterministic and secure installations. | LLM | scripts/install.sh:11 | |
| MEDIUM | Persistence mechanism: Shell RC file modification Detected Shell RC file modification pattern. Persistence mechanisms allow malware to survive system restarts. Review this persistence pattern. Skills should not modify system startup configuration. | Static | skills/myakove/ccsinfo/SKILL.md:49 |
Scan History
Embed Code
[](https://skillshield.io/report/0b547b22d47e8b44)
Powered by SkillShield