Trust Assessment
devbridge-backend received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 5 findings: 0 critical, 1 high, 3 medium, and 1 low severity. Key findings include Missing required field: name, Python file could not be statically analyzed, Node lockfile missing.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings5
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Prompt Injection via User-Controlled JSON Input The `handle_fix_request` function processes a user-provided `message` parameter. If this message is a valid JSON string, its fields (e.g., `endpoint`, `error`, `request_body`, `response_body`) are directly parsed and then embedded into the prompt for the `analyze_problem_with_ai` function. An attacker can craft a malicious JSON message to inject instructions into the AI model, potentially manipulating its behavior, extracting sensitive information, or causing unintended actions. Implement strict input validation and sanitization for all user-provided fields before they are used in AI prompts. Consider using templating engines that automatically escape user input or dedicated prompt-hardening techniques to prevent malicious instructions from being interpreted by the LLM. | LLM | commands.py:170 | |
| MEDIUM | Missing required field: name The 'name' field is required for claude_code skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | skills/albertnjcn/devbridge-backend/SKILL.md:1 | |
| MEDIUM | Python file could not be statically analyzed SyntaxError: closing parenthesis '}' does not match opening parenthesis '(' (line 568) | Static | skills/albertnjcn/devbridge-backend/commands.py:568 | |
| MEDIUM | Supply Chain Risk: Storage of Unvalidated User-Provided Code The `mark_fix_ready` command allows users to submit arbitrary `fix_code` as a string parameter. This user-provided code is then stored in the skill's state file (`PROBLEMS_STATE.json`). While the provided `commands.py` does not directly execute this code, storing unvalidated, user-supplied code in a system designed for 'AI-assisted code generation' and 'fixes' introduces a significant supply chain risk. This code could later be retrieved and executed by other agents, development tools, or human developers, potentially leading to command injection, introduction of malicious software, or other security breaches. Implement robust validation for `fix_code` submissions, especially if the code is intended for eventual execution. If the code is meant to be reviewed and applied manually, ensure clear warnings and a mandatory human review process are enforced. Consider sandboxing any environment where such code might be executed. | LLM | commands.py:270 | |
| LOW | Node lockfile missing package.json is present but no lockfile was found (package-lock.json, pnpm-lock.yaml, or yarn.lock). Commit a lockfile for deterministic dependency resolution. | Dependencies | skills/albertnjcn/devbridge-backend/package.json |
Scan History
Embed Code
[](https://skillshield.io/report/24f5cf17baf59d24)
Powered by SkillShield