Trust Assessment
elysium-arcology-planner received a trust score of 51/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 5 findings: 1 critical, 1 high, 2 medium, and 1 low severity. Key findings include Missing required field: name, Python file could not be statically analyzed, Explicit Command Execution and JavaScript Evaluation.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 53/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings5
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Explicit Command Execution and JavaScript Evaluation The skill explicitly states that scripts can be run via `exec` and provides examples of `python` script execution. It also allows for `canvas action=eval javaScript=...`, which enables arbitrary JavaScript execution. This allows an attacker to execute arbitrary commands on the host system or within the browser context if the arguments to these actions are user-controlled. The 'PowerShell Fix' section further instructs on command chaining, directly facilitating command injection. Remove direct `exec` capabilities. If external scripts are necessary, implement a strict allowlist of commands and arguments, and sanitize all user-provided inputs. Avoid `eval` for user-controlled JavaScript. For `canvas action=eval`, ensure the `javaScript` argument is generated internally and not directly from user input. | LLM | SKILL.md:20 | |
| HIGH | Arbitrary File Read/Write via SVG Export Script The `scripts/export-svg-to-3d.py` script takes an SVG file path as a command-line argument (`sys.argv[1]`). If an attacker can control this argument, they can instruct the skill to read and parse arbitrary files on the system (e.g., `/etc/passwd`, `/app/secrets.txt`). The content of these files might be exposed through error messages or by being partially included in the generated JSON/STL output. Furthermore, the output file paths are derived from the input path, potentially allowing an attacker to write generated files to arbitrary locations, overwriting existing files or creating new ones in sensitive directories. Restrict the `svg` input path to a predefined, secure directory (e.g., `assets/`) and validate that the path does not contain directory traversal sequences (e.g., `../`). Implement strict input validation for all file paths. Ensure the script runs with minimal necessary permissions. | LLM | scripts/export-svg-to-3d.py:42 | |
| MEDIUM | Missing required field: name The 'name' field is required for claude_code skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | skills/kunoiiv/elysium-arcology-planner/SKILL.md:1 | |
| MEDIUM | Python file could not be statically analyzed SyntaxError: unexpected indent (line 60) | Static | skills/kunoiiv/elysium-arcology-planner/scripts/export-svg-to-3d.py:60 | |
| LOW | Typosquatting Risk for 'freecad' Dependency The `scripts/export-svg-to-3d.py` script's comments mention `Req: FreeCAD (pip install freecad)`. FreeCAD is typically installed as a system application, not via `pip`. Attempting `pip install freecad` could lead to installing a malicious package if a typosquatted package exists on PyPI. While `svg.path` is a legitimate Python package, the mention of `freecad` as a `pip` installable dependency is misleading and poses a supply chain risk for users who might follow this instruction. Correct the dependency installation instructions. Clarify that FreeCAD is a system-level application and not a Python package installable via `pip`. If a Python binding is intended, specify the correct package name or clarify that it's for interacting with a running FreeCAD instance. | LLM | scripts/export-svg-to-3d.py:4 |
Scan History
Embed Code
[](https://skillshield.io/report/4bfee16146b782ad)
Powered by SkillShield