Trust Assessment
curriculum-generator received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Unsanitized user input in shell command execution.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Unsanitized user input in shell command execution The skill constructs shell commands using user-provided `{topic}` values without proper sanitization or escaping. This allows an attacker to inject arbitrary shell commands by crafting a malicious `{topic}` string. For example, if `{topic}` contains shell metacharacters like `"; rm -rf /; echo "`, it could lead to arbitrary command execution on the host system. Sanitize or escape all user-provided input (`{topic}`) before incorporating it into shell commands. Prefer using a command execution function that takes a list of arguments (e.g., `subprocess.run(['python3', 'script.py', topic, 'arg2'])`) instead of a single string, as this avoids shell interpretation. If shell=True is necessary, ensure all user-controlled parts are properly quoted and escaped for the target shell. | LLM | SKILL.md:200 |
Scan History
Embed Code
[](https://skillshield.io/report/89c803ba175cf1f0)
Powered by SkillShield