Trust Assessment
desktop-mouse received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 2 findings: 1 critical, 1 high, 0 medium, and 0 low severity. Key findings include Unsanitized user input in `exec` command arguments, Potential privilege escalation via `molt-mouse` binary.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Unsanitized user input in `exec` command arguments The skill instructs the LLM to use the `exec` tool (line 6) with `molt-mouse` and allows user-provided arguments (e.g., `<dx>`, `<dy>`, `<x>`, `<y>`, `left|right|middle`). Although the skill specifies "ONLY run commands that start with: `molt-mouse ...`" (line 7), this instruction does not explicitly mandate sanitization or proper quoting of user-supplied arguments. An attacker could inject shell metacharacters (e.g., `;`, `|`, `&`, `$(...)`) into these arguments, leading to arbitrary command execution on the host system. Implement robust input sanitization and shell escaping for all user-provided arguments before constructing the command string for `exec`. For example, use a library function that properly quotes arguments for the shell, or pass arguments as a list to `exec` if the underlying execution mechanism supports it, rather than a single string. The LLM should be explicitly instructed on how to safely construct shell commands with user input. | LLM | SKILL.md:7 | |
| HIGH | Potential privilege escalation via `molt-mouse` binary The `molt-mouse` binary, required by this skill, likely operates with elevated privileges (e.g., access to `/dev/uinput` via `setcap` or `sudo`) to perform mouse control. If a command injection vulnerability (SS-LLM-003) is exploited, arbitrary commands could be executed with the same elevated privileges as `molt-mouse`, leading to privilege escalation on the host system. The skill itself doesn't request excessive permissions, but its reliance on a privileged binary makes command injection a critical threat. Mitigate the underlying command injection vulnerability (SS-LLM-003) to prevent abuse of `molt-mouse`'s elevated privileges. Ensure that `molt-mouse` runs with the absolute minimum necessary privileges. Consider using a more secure IPC mechanism instead of direct shell execution for privileged operations. | LLM | SKILL.md:6 |
Scan History
Embed Code
[](https://skillshield.io/report/271c91f02262f418)
Powered by SkillShield