Trust Assessment
daily-standup received a trust score of 58/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 4 findings: 1 critical, 2 high, 1 medium, and 0 low severity. Key findings include "Missing required field: name", "Skill executes arbitrary shell commands", and "Broad filesystem access to user projects".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 40/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (4)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | **Skill executes arbitrary shell commands.** The skill explicitly provides and expects the execution of multiple `bash` commands, including `git log`, `sort`, `grep`, and a `for` loop that iterates through user directories and executes `git` commands. If the host LLM is instructed to execute these commands, it constitutes arbitrary command execution, posing a severe security risk. The use of command substitution `$(git config user.name)` further highlights the dynamic nature of these commands. Skills should avoid direct execution of arbitrary shell commands. If shell access is absolutely necessary, it should be done through a highly constrained and sandboxed environment, with strict input validation and output sanitization. Consider using a dedicated tool or API that provides the required functionality without exposing the raw shell. | LLM | SKILL.md:38 |
| HIGH | **Broad filesystem access to user projects.** The skill's `for` loop iterates through `~/projects/*`, granting broad read access to all directories within the user's `~/projects` folder. Additionally, `git log` commands access the full history and content of local Git repositories. If executed by an LLM, this skill would operate with the user's permissions, allowing it to read potentially sensitive data from numerous project directories. Restrict filesystem access to the absolute minimum required. Instead of globbing `~/projects/*`, prompt the user for specific project paths or use a more confined directory. Implement strict access controls and sandboxing for any file operations. | LLM | SKILL.md:38 |
| HIGH | **Potential exposure of sensitive local project data.** The skill gathers detailed information from local Git repositories, including commit messages, changed file names (`git log --name-only`), and project names (`basename $dir`). If an LLM executes these commands and processes the output, this sensitive local data could be inadvertently included in the LLM's responses or logs, leading to data exposure. The `git log --name-only` command specifically lists all files changed, which can reveal project structure and sensitive file names. Implement strict sanitization and filtering of any data gathered from local systems before it is processed or output by the LLM. Ensure that the LLM's output is carefully reviewed and controlled to prevent the leakage of sensitive information. Consider redacting or generalizing specific details. | LLM | SKILL.md:22 |
| MEDIUM | **Missing required field: name.** The `name` field is required for claude_code skills but is missing from the frontmatter. Add a `name` field to the SKILL.md frontmatter. | Static | skills/sa9saq/daily-standup/SKILL.md:1 |