Trust Assessment
devbridge-admin received a trust score of 61/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 6 findings: 0 critical, 1 high, 3 medium, and 2 low severity. Key findings include "Missing required field: name", "Python file could not be statically analyzed", and "Node lockfile missing".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 12, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings (6)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Unsanitized user input in agent messages. User-provided inputs such as `note` in `approve_problem` and `reason`, `suggestion` in `reject_problem` are directly embedded into messages (e.g., `backend_message`, `frontend_message`) using f-strings. If these messages are subsequently processed by an LLM (e.g., another agent or the host LLM), a malicious user could inject instructions into these fields to manipulate the LLM's behavior, leading to prompt injection attacks. Additionally, `problem['error']`, which could originate from untrusted sources, is also embedded. Implement robust sanitization or escaping of all user-controlled input (e.g., `note`, `reason`, `suggestion`, `problem['error']`) before it is embedded into messages that might be processed by an LLM. Consider using a templating engine with auto-escaping or explicitly filtering/encoding potentially harmful characters. If the messages are intended for human consumption only, ensure they are not fed back into an LLM. | LLM | commands.py:120 |
| MEDIUM | Missing required field: name. The 'name' field is required for claude_code skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | skills/albertnjcn/devbridge-admin/SKILL.md:1 |
| MEDIUM | Python file could not be statically analyzed. SyntaxError: invalid syntax (line 387) | Static | skills/albertnjcn/devbridge-admin/commands.py:387 |
| MEDIUM | Hardcoded absolute path for state file. The `commands.py` script hardcodes the `STATE_FILE` path to `/Users/albot/clawd/state/PROBLEMS_STATE.json`. This absolute path is specific to a local machine and overrides the more flexible environment variable configuration (`${CLAWDBOT_STATE_DIR:-/data/clawdbot}/PROBLEMS_STATE.json`) defined in `SKILL.md`. This could lead to unintended file system access (reading/writing outside the skill's designated data directory) if the skill runs with sufficient permissions, potentially causing data exfiltration or integrity issues in an unexpected location. The skill should use the state file path configured in `SKILL.md`. This path should be passed to the Python script via an environment variable or a configuration parameter, ensuring it respects the intended deployment environment and avoids hardcoded local paths. | LLM | commands.py:15 |
| LOW | Node lockfile missing. package.json is present but no lockfile was found (package-lock.json, pnpm-lock.yaml, or yarn.lock). Commit a lockfile for deterministic dependency resolution. | Dependencies | skills/albertnjcn/devbridge-admin/package.json |
| LOW | Unpinned Python dependency. The `package.json` specifies `python-dateutil` as a required package but does not pin it to a specific version. This can lead to unexpected behavior, compatibility issues, or security vulnerabilities if a future version introduces breaking changes or malicious code. Pin the dependency to a specific major.minor.patch version (e.g., `"python-dateutil==2.8.2"`) or at least a major version (e.g., `"python-dateutil~=2.8"`) to ensure consistent and secure builds. | LLM | package.json:100 |
Full report: https://skillshield.io/report/10b4e04d67778968