Trust Assessment
code-task-generator received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Arbitrary File and URL Read Capability.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Arbitrary File and URL Read Capability: The skill explicitly instructs the AI agent to accept arbitrary file paths, directory paths, or URLs as input. This grants the agent broad read access to the local filesystem and potentially internal network resources. While intended for processing task descriptions and PDD plans, an attacker could provide paths to sensitive files (e.g., configuration files, private keys, credential stores) or internal URLs. The content of these sensitive inputs could then be processed and potentially included in the generated output files (`.code-task.md`), leading to data exfiltration. Restrict file and directory access to a predefined, sandboxed directory. Implement strict validation and sanitization for URLs to prevent Server-Side Request Forgery (SSRF) and access to internal resources. If arbitrary file access is strictly necessary, ensure that the agent's output is carefully sanitized and reviewed before being stored or shared, and that the agent operates within a highly restricted execution environment. | LLM | SKILL.md:28 |