Trust Assessment
cwicr-report-generator received a trust score of 52/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 9 findings: 2 critical, 2 high, 2 medium, and 3 low severity. Key findings include "Covert behavior / concealment directives", "Missing required field: name", and "Arbitrary File Write via Unsanitized Output Path (HTML)".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 1/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (9)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | **Arbitrary File Write via Unsanitized Output Path (HTML).** The `save_html` method writes content to a file specified by the `output_path` parameter without any path validation or sanitization. An attacker could provide a path traversal sequence (e.g., `../../../../etc/passwd`) or an absolute path to write arbitrary HTML content to any location on the filesystem where the process has write permissions. This could lead to overwriting critical system files, creating malicious scripts, or data exfiltration. Implement strict path validation for `output_path`. Restrict output to a designated, sandboxed directory. Prevent absolute paths or path traversal sequences. Consider using a UUID for filenames if user-provided names are not strictly necessary, or sanitize user-provided filenames to only allow alphanumeric characters and a single extension. | LLM | SKILL.md:195 |
| CRITICAL | **Arbitrary File Write via Unsanitized Output Path (Excel).** The `generate_excel` method writes content to an Excel file specified by the `output_path` parameter without any path validation or sanitization. Similar to `save_html`, an attacker could provide a path traversal sequence or an absolute path to write arbitrary Excel content to any location on the filesystem where the process has write permissions. This poses a significant risk of system compromise or data corruption. Implement strict path validation for `output_path`. Restrict output to a designated, sandboxed directory. Prevent absolute paths or path traversal sequences. Consider using a UUID for filenames if user-provided names are not strictly necessary, or sanitize user-provided filenames to only allow alphanumeric characters and a single extension. | LLM | SKILL.md:202 |
| HIGH | **Unsanitized User Input in HTML Generation (Category Breakdown).** The `add_breakdown_by_category` method directly embeds `category` names from the `breakdown` dictionary into an HTML table without proper escaping. If the `breakdown` dictionary is populated with untrusted input, an attacker could inject malicious HTML or JavaScript, leading to Cross-Site Scripting (XSS) vulnerabilities when the generated HTML report is viewed. Escape all user-controlled input before embedding it into HTML. For Python, this typically involves using a templating engine that auto-escapes (e.g., Jinja2) or manually escaping using a utility function (e.g., `html.escape()`). | LLM | SKILL.md:100 |
| HIGH | **Unsanitized User Input in HTML Generation (Line Items).** The `add_line_items` method directly embeds values from `item.get('code', '')`, `item.get('description', '')`, and `item.get('unit', '')` into an HTML table without proper escaping. If the `items` list contains untrusted input, an attacker could inject malicious HTML or JavaScript, leading to Cross-Site Scripting (XSS) vulnerabilities when the generated HTML report is viewed. Escape all user-controlled input before embedding it into HTML. For Python, this typically involves using a templating engine that auto-escapes (e.g., Jinja2) or manually escaping using a utility function (e.g., `html.escape()`). | LLM | SKILL.md:120 |
| MEDIUM | **Missing required field: name.** The 'name' field is required for claude_code skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | skills/datadrivenconstruction/cwicr-report-generator/SKILL.md:1 |
| MEDIUM | **Unsanitized Project Name in HTML Title and Body.** The `self.project_name` attribute is directly embedded into the HTML `<title>` tag and a `<p>` tag within the report without proper escaping. If `self.project_name` is derived from untrusted input, an attacker could inject malicious HTML or JavaScript, leading to Cross-Site Scripting (XSS) vulnerabilities when the generated HTML report is viewed. Escape `self.project_name` using `html.escape()` or ensure it's passed through a templating engine that performs auto-escaping before being embedded into the HTML output. | LLM | SKILL.md:166 |
| LOW | **Covert behavior / concealment directives.** CSS-based text hiding. Remove hidden instructions, zero-width characters, and bidirectional overrides. Skill instructions should be fully visible and transparent to users. | Manifest | skills/datadrivenconstruction/cwicr-report-generator/SKILL.md:172 |
| LOW | **Covert behavior / concealment directives.** CSS-based text hiding. Remove hidden instructions, zero-width characters, and bidirectional overrides. Skill instructions should be fully visible and transparent to users. | Manifest | skills/datadrivenconstruction/cwicr-report-generator/SKILL.md:173 |
| LOW | **Potential HTML Injection in Summary Section.** The `add_summary` method constructs an HTML snippet using f-strings. While the numeric values from `summary_data` are formatted with `:,2f`, which might prevent direct HTML injection for those specific fields, the overall structure is built without general HTML escaping. If `summary_data` could be manipulated to contain non-numeric strings or if the formatting could be bypassed, it could lead to HTML injection. This is a lower confidence finding due to the numeric formatting, but still a best practice to escape all user-controlled content. Ensure that all data inserted into HTML templates, even if expected to be numeric, is properly escaped or validated to prevent HTML injection. Consider using a templating engine that auto-escapes by default. | LLM | SKILL.md:60 |