Trust Assessment
docx-construction received a trust score of 62/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 4 findings: 0 critical, 2 high, 1 medium, and 1 low severity. Key findings include Missing required field: name, Arbitrary File Write via uncontrolled output path, Arbitrary File Read via uncontrolled template and image paths.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 68/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings4
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Arbitrary File Write via uncontrolled output path The `generate_subcontract` and `generate_daily_report` functions save generated DOCX files to a path specified by the `output_path` argument (e.g., `SKILL.md:42`, `SKILL.md:134`). If an attacker can control this argument, they could write files to arbitrary locations on the filesystem, potentially overwriting critical files, creating malicious files in sensitive directories, or exfiltrating data by writing it to an accessible location. Implement strict validation and sanitization for `output_path`. Restrict file writes to a designated, sandboxed directory. Use `os.path.abspath` and `os.path.commonprefix` to ensure the path stays within an allowed directory, or use a temporary file system. | LLM | SKILL.md:42 | |
| HIGH | Arbitrary File Read via uncontrolled template and image paths The `generate_subcontract` function loads a document template from `template_path` (`SKILL.md:17`), and the `generate_daily_report` function loads images from `photo['path']` (`SKILL.md:130`). If an attacker can control these arguments, they could force the skill to attempt to read arbitrary files from the filesystem. This could lead to the exposure of sensitive data or denial of service if malformed files are provided. Implement strict validation and sanitization for `template_path` and `photo['path']`. Restrict file reads to a designated, safe directory. Ensure that only expected file types are loaded and consider using an allow-list for file extensions. | LLM | SKILL.md:17 | |
| MEDIUM | Missing required field: name The 'name' field is required for claude_code skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | skills/datadrivenconstruction/docx-construction/SKILL.md:1 | |
| LOW | Unpinned `python-docx` dependency The skill specifies `python-docx` as a dependency without a version constraint (`pip install python-docx`). This means that the latest version available at installation time will be used. This can lead to unexpected behavior due to breaking changes in new versions or introduce vulnerabilities if a future version of `python-docx` contains a security flaw or if a malicious package with the same name is published. Pin the dependency to a specific version (e.g., `python-docx==0.8.11`) or use a version range (e.g., `python-docx>=0.8.11,<0.9`). | LLM | SKILL.md:209 |
Scan History
Embed Code
[](https://skillshield.io/report/58524f7e8e6302f3)
Powered by SkillShield