Trust Assessment
confluence received a trust score of 82/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. Key findings include Potential Command Injection via `confluence` CLI arguments, Unpinned `confluence-cli` dependency in manifest.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Potential Command Injection via `confluence` CLI arguments The skill demonstrates the use of `confluence` CLI commands where arguments like page titles, page IDs, space keys, and body content are passed as strings. If the AI agent constructs these commands using unsanitized user input, a malicious user could inject arbitrary shell commands. For example, `confluence create "Page Title" SPACEKEY --body "$(rm -rf /)"` could execute `rm -rf /`. This risk applies to commands such as `search`, `create`, `create-child`, `update`, and `export` where user-controlled input forms part of the shell command. Implement robust input sanitization and escaping for all user-provided arguments before constructing and executing shell commands. Consider using a library that safely handles command execution with arguments, preventing shell interpretation. | LLM | SKILL.md:40 | |
| MEDIUM | Unpinned `confluence-cli` dependency in manifest The skill's manifest specifies the `confluence-cli` package for installation via npm without a version constraint. This means that future installations could pull any version of `confluence-cli`, including potentially malicious versions if the package maintainer's account is compromised or if a new maintainer introduces malicious code. This introduces a supply chain risk. Pin the `confluence-cli` dependency to a specific, known-good version (e.g., `confluence-cli@1.2.3`) in the manifest's `install` section to ensure deterministic and secure installations. Regularly review and update pinned versions. | LLM | Manifest |
Scan History
Embed Code
[](https://skillshield.io/report/acb396d20b274b1d)
Powered by SkillShield