Trust Assessment
ddg received a trust score of 44/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 4 findings: 1 critical, 1 high, 2 medium, and 0 low severity. Key findings include Persistence / self-modification instructions, Persistence mechanism: Shell RC file modification, Unpinned Git clone and `sudo make install` for dependency.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (4)
| Severity | Finding | Recommendation | Layer | Location |
|---|---|---|---|---|
| CRITICAL | **Persistence / self-modification instructions.** Shell RC file modification for persistence. | Remove any persistence mechanisms. Skills should not modify system startup configurations, crontabs, LaunchAgents, systemd services, or shell profiles. | Manifest | skills/instant-picture/ddg/SKILL.md:103 |
| HIGH | **Unpinned Git clone and `sudo make install` for dependency.** The skill's installation instructions suggest cloning a Git repository (`https://github.com/jarun/ddgr.git`) without specifying a particular commit hash or tag, and then executing `sudo make install`. This allows arbitrary code from the repository's default branch to be executed with root privileges at installation time. A compromise of the upstream repository or its default branch could lead to the execution of malicious code on the system. | Pin dependencies to specific versions (e.g., Git commit hash, release tag) to ensure reproducibility and prevent unexpected code execution from upstream changes. Avoid `sudo make install` from unverified sources. Prefer package manager installations from trusted repositories. | LLM | SKILL.md:20 |
| MEDIUM | **Persistence mechanism: Shell RC file modification.** Detected Shell RC file modification pattern. Persistence mechanisms allow malware to survive system restarts. | Review this persistence pattern. Skills should not modify system startup configuration. | Static | skills/instant-picture/ddg/SKILL.md:103 |
| MEDIUM | **Installation via untrusted PPA.** The skill's installation instructions recommend adding a third-party Personal Package Archive (PPA) (`ppa:twodopeshaggy/jarun`) and installing `ddgr` from it. PPAs are not officially maintained by distribution vendors and can introduce security risks if the PPA maintainer or their infrastructure is compromised, potentially leading to the installation of malicious or vulnerable software. | Prefer installing software from official distribution repositories or verified package managers (like Snap, if the package is officially maintained). If a PPA is necessary, ensure its trustworthiness and consider sandboxing the environment where it's used. | LLM | SKILL.md:15 |