Trust Assessment
code-mentor received a trust score of 10/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 13 findings: 7 critical, 3 high, 3 medium, and 0 low severity. Key findings include Arbitrary command execution, Dangerous call: subprocess.run(), Unpinned Python dependency version.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The Manifest Analysis layer scored lowest at 0/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings13
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Arbitrary command execution Python shell execution (os.system, subprocess) Review all shell execution calls. Ensure commands are static (not built from user input), use absolute paths, and are strictly necessary. Prefer library APIs over shell commands. | Manifest | skills/samuelkahessay/code-mentor/scripts/run_tests.py:74 | |
| CRITICAL | Arbitrary command execution Python shell execution (os.system, subprocess) Review all shell execution calls. Ensure commands are static (not built from user input), use absolute paths, and are strictly necessary. Prefer library APIs over shell commands. | Manifest | skills/samuelkahessay/code-mentor/scripts/run_tests.py:138 | |
| CRITICAL | Arbitrary command execution Python shell execution (os.system, subprocess) Review all shell execution calls. Ensure commands are static (not built from user input), use absolute paths, and are strictly necessary. Prefer library APIs over shell commands. | Manifest | skills/samuelkahessay/code-mentor/scripts/run_tests.py:189 | |
| CRITICAL | Arbitrary command execution Python dynamic code execution (exec/eval/compile) Review all shell execution calls. Ensure commands are static (not built from user input), use absolute paths, and are strictly necessary. Prefer library APIs over shell commands. | Manifest | skills/samuelkahessay/code-mentor/scripts/analyze_code.py:197 | |
| CRITICAL | Arbitrary command execution Python dynamic code execution (exec/eval/compile) Review all shell execution calls. Ensure commands are static (not built from user input), use absolute paths, and are strictly necessary. Prefer library APIs over shell commands. | Manifest | skills/samuelkahessay/code-mentor/scripts/analyze_code.py:201 | |
| CRITICAL | Arbitrary command execution Python dynamic code execution (exec/eval/compile) Review all shell execution calls. Ensure commands are static (not built from user input), use absolute paths, and are strictly necessary. Prefer library APIs over shell commands. | Manifest | skills/samuelkahessay/code-mentor/scripts/analyze_code.py:202 | |
| CRITICAL | Command Injection via Test Runner Target The `scripts/run_tests.py` script executes external test runners (`pytest`, `unittest`, `npx jest`, `java -jar ...`) using `subprocess.run`. The `target` argument for these runners is taken directly from command-line input (`sys.argv[1]`) without sufficient sanitization. If an AI agent invokes this script with user-provided input for the `target`, a malicious user could inject arbitrary commands. For example, by providing a `target` like `'; rm -rf /'` or `'-c import os; os.system("malicious_code")'` for Python runners, or similar constructs for `npx jest` or `java` commands, an attacker could achieve arbitrary code execution on the host system. Implement strict input validation and sanitization for the `target` argument to ensure it is a safe, valid file path and does not contain command separators or malicious payloads. Consider executing test runners in a sandboxed environment with restricted permissions. Avoid directly passing user-controlled strings as arguments to external commands; instead, parse user intent and construct safe arguments internally. | LLM | scripts/run_tests.py:50 | |
| HIGH | Dangerous call: subprocess.run() Call to 'subprocess.run()' detected in function 'run'. This can execute arbitrary code. Avoid using dangerous functions like exec/eval/os.system. Use safer alternatives. | Static | skills/samuelkahessay/code-mentor/scripts/run_tests.py:74 | |
| HIGH | Dangerous call: subprocess.run() Call to 'subprocess.run()' detected in function 'run'. This can execute arbitrary code. Avoid using dangerous functions like exec/eval/os.system. Use safer alternatives. | Static | skills/samuelkahessay/code-mentor/scripts/run_tests.py:138 | |
| HIGH | Dangerous call: subprocess.run() Call to 'subprocess.run()' detected in function 'run'. This can execute arbitrary code. Avoid using dangerous functions like exec/eval/os.system. Use safer alternatives. | Static | skills/samuelkahessay/code-mentor/scripts/run_tests.py:189 | |
| MEDIUM | Unpinned Python dependency version Requirement 'pylint>=2.15.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'. | Dependencies | skills/samuelkahessay/code-mentor/requirements.txt:6 | |
| MEDIUM | Unpinned Python dependency version Requirement 'pytest>=7.2.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'. | Dependencies | skills/samuelkahessay/code-mentor/requirements.txt:9 | |
| MEDIUM | Unpinned Python dependency version Requirement 'colorama>=0.4.6' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'. | Dependencies | skills/samuelkahessay/code-mentor/requirements.txt:12 |
Scan History
Embed Code
[](https://skillshield.io/report/b33c7797051b8cc1)
Powered by SkillShield