Trust Assessment
feast received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Potential Command Injection via unescaped arguments in script execution.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Potential Command Injection via unescaped arguments in script execution The skill's documentation describes executing `scripts/update-history.py` via a bash command, passing user-controlled data (e.g., meal name, notes, region) as arguments. If the host LLM constructs this command by directly interpolating user input without proper shell escaping, an attacker could inject arbitrary shell commands. For example, a malicious `--name` argument like `"; rm -rf /; echo "` could lead to critical system compromise. The `--meals-dir` argument is also sensitive, as it controls the write location, potentially allowing writes to arbitrary file paths if not properly validated and escaped. The LLM should be instructed to always use robust shell escaping (e.g., `shlex.quote` in Python, or equivalent for other languages) for all user-provided arguments when constructing and executing shell commands. Additionally, consider validating or sanitizing user input for arguments like `--meals-dir` to ensure it remains strictly within the intended workspace directory. | LLM | SKILL.md:199 |
Scan History
Embed Code
[](https://skillshield.io/report/fc2ba421f33d8648)
Powered by SkillShield