Trust Assessment
file_organizer received a trust score of 88/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Skill description implies broad file system access.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Skill description implies broad file system access The skill's manifest description states it can "organize files in a specified directory". This implies the underlying `organize.ps1` script will have broad read/write access to potentially any directory on the file system that the executing user has permissions for. Without explicit scope limitations or sandboxing mentioned in the skill's documentation or enforced by the tool, this poses a significant risk of unintended file modification or deletion, especially if the skill is invoked with a malicious or incorrect path. The example usage `powershell.exe -File scripts/organize.ps1 C:\Users\L\Downloads` further demonstrates the intent for the skill to operate on user-specified paths. Clarify the intended scope of file system access. If the skill is meant to operate only within specific directories or a sandboxed environment, this should be explicitly stated in the skill's documentation. Ensure the underlying `organize.ps1` script implements robust path validation and access controls to prevent operations outside the intended scope. | LLM | SKILL.md:1 |
Scan History
Embed Code
[](https://skillshield.io/report/72fc971e4255424e)
Powered by SkillShield