Trust Assessment
code-standards-detective received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Excessive Permissions: Unconstrained Bash and Write Access.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Description | Recommendation | Layer | Location |
|---|---|---|---|---|---|
| HIGH | Excessive Permissions: Unconstrained Bash and Write Access | The skill declares broad 'Bash' and 'Write' permissions without sufficient constraints. While the skill's examples for 'Bash' are benign 'grep' commands, and 'Write' is necessary for report generation, the skill does not limit the scope of these powerful tools. This allows a malicious prompt to instruct the LLM to execute arbitrary shell commands (e.g., `rm -rf /`, `cat /etc/passwd`) or write to arbitrary file paths, leading to potential data exfiltration, system modification, or denial of service. | Restrict 'Bash' tool usage to a whitelist of safe commands or specific patterns (e.g., only 'grep' with predefined arguments). Restrict 'Write' tool usage to a specific output directory or file types. Implement sandboxing for 'Bash' execution to prevent access to sensitive system paths. | LLM | SKILL.md:1 |
Full report: https://skillshield.io/report/230c27da9757e680
Powered by SkillShield