Trust Assessment
exe-dev received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Potential Command Injection via unsanitized user input in shell commands.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Potential Command Injection via unsanitized user input in shell commands The skill documentation provides several shell commands (e.g., `ssh exe.dev`, `mitmdump`) that accept user-provided arguments such as `<vm>`, `<port>`, and `<email>`. If an AI agent directly interpolates unsanitized user input into these commands for execution, a malicious user could inject arbitrary shell commands by providing specially crafted input (e.g., `myvm; rm -rf /`). This could lead to arbitrary code execution on the host system where the commands are run, or unintended actions within the `exe.dev` environment. Ensure all user-provided arguments (`<vm>`, `<port>`, `<email>`, etc.) are strictly validated and properly sanitized or escaped (e.g., using `shlex.quote` in Python or similar mechanisms in other languages) before being interpolated into shell commands. Ideally, use a library or API that handles argument passing securely rather than direct string concatenation for shell commands. | LLM | SKILL.md:18 |
Scan History
Embed Code
[](https://skillshield.io/report/280ade3c234e36e1)
Powered by SkillShield