Trust Assessment
devlog-agent-skill received a trust score of 60/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 4 findings: 0 critical, 2 high, 2 medium, and 0 low severity. Key findings include a missing required `name` field, access to the sensitive environment variable `$HOME`, and an unpinned `dev-log-cli` dependency in the setup script.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (4)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Unpinned `dev-log-cli` dependency in setup script. The `setup.sh` script installs the `dev-log-cli` package using `pipx install dev-log-cli` without specifying a version, so the skill will always install the latest version available on PyPI. If a malicious update is published to `dev-log-cli` by its maintainers or due to a compromise, the agent's environment could be compromised when this skill is set up or updated, leading to arbitrary code execution. Pin the dependency to a specific, known-good version (e.g., `pipx install dev-log-cli==X.Y.Z`), and regularly review and update the pinned version to incorporate security fixes and new features while mitigating supply chain risk. | LLM | setup.sh:26 |
| HIGH | Potential command injection through `devlog` arguments. The skill relies on the `devlog` CLI tool, which takes various arguments (e.g., `--project`, `--status`, `--tags`, search terms, entry IDs) as demonstrated in `SKILL.md`. If an AI agent constructs `devlog` commands by directly interpolating untrusted user input into these arguments without proper sanitization or shell escaping, it could lead to command injection: an attacker could craft input that breaks out of the argument context and executes arbitrary shell commands on the host system. The AI agent using this skill must ensure all arguments passed to `devlog` commands are properly sanitized, escaped, or quoted to prevent shell injection, for example by using `shlex.quote()` in Python or an equivalent mechanism in other languages when constructing the command string. The skill developer should document this requirement clearly for agent developers. | LLM | SKILL.md:22 |
| MEDIUM | Missing required field: `name`. The `name` field is required for claude_code skills but is missing from the frontmatter. Add a `name` field to the `SKILL.md` frontmatter. | Static | skills/crimsondevil333333/devlog-agent-skill/SKILL.md:1 |
| MEDIUM | Sensitive environment variable access: `$HOME`. Access to the sensitive environment variable `$HOME` was detected in a shell context. Verify that this access is necessary and that the value is not exfiltrated. | Static | skills/crimsondevil333333/devlog-agent-skill/setup.sh:12 |