Trust Assessment
financial-shield received a trust score of 71/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 5 findings: 0 critical, 1 high, 2 medium, and 2 low severity. Key findings include Missing required field: name, Node lockfile missing, Potential Command Injection via Shell Script.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings5
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Potential Command Injection via Shell Script The skill description in `package.json` explicitly mentions a `check_shield.sh` script used to parse `session_status`. Execution of shell scripts, especially if they process untrusted or user-controlled input, can lead to command injection vulnerabilities, allowing an attacker to execute arbitrary commands on the host system. While the script's content is not provided, its existence and purpose warrant a high-severity warning due to the inherent risks of shell execution. Review the `check_shield.sh` script thoroughly to ensure it safely handles all inputs, particularly `session_status` data. Avoid direct execution of user-controlled strings. Implement robust input validation, sanitization, and use parameterized commands or safer alternatives to prevent command injection. | LLM | package.json:4 | |
| MEDIUM | Missing required field: name The 'name' field is required for claude_code skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | skills/ahuwaramazda/financial-shield/SKILL.md:1 | |
| MEDIUM | Filesystem Write Access for Session Data Rule 4 in `SKILL.md` instructs the agent to 'Automatically summarize all key facts/decisions from the current session into `MEMORY.md`.' This implies the skill has write access to the filesystem. Writing potentially sensitive session data to a file could lead to data exfiltration if the file is not properly secured, if sensitive information is not sanitized before writing, or if the skill's environment allows unauthorized access to `MEMORY.md`. Minimize filesystem write access to only essential, isolated directories. Ensure that `MEMORY.md` is stored in a secure, non-public location and that its contents are sanitized of any sensitive user or system data before writing. Implement strict access controls for any files created by the agent. | LLM | SKILL.md:11 | |
| LOW | Node lockfile missing package.json is present but no lockfile was found (package-lock.json, pnpm-lock.yaml, or yarn.lock). Commit a lockfile for deterministic dependency resolution. | Dependencies | skills/ahuwaramazda/financial-shield/package.json | |
| LOW | Access to Internal Session Status The skill requires access to `session_status` to monitor token usage (as stated in `SKILL.md` Rule 2 and the `package.json` description). While this is a legitimate requirement for its stated purpose, access to internal session state should be carefully reviewed. If the `session_status` interface exposes sensitive information or allows for unintended manipulation of critical session parameters, it could present an attack surface. Verify that the `session_status` interface only exposes necessary, non-sensitive information and is read-only. Ensure it does not allow for manipulation of critical session parameters or reveal Personally Identifiable Information (PII) or sensitive system details. | LLM | SKILL.md:8 |
Scan History
Embed Code
[](https://skillshield.io/report/f310a8068f0fc45b)
Powered by SkillShield