Trust Assessment
findmy-location received a trust score of 32/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 5 findings: 1 critical, 2 high, 1 medium, and 1 low severity. Key findings include Arbitrary command execution, Dangerous call: subprocess.run(), Sensitive environment variable access: $HOME.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings5
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Arbitrary command execution Python shell execution (os.system, subprocess) Review all shell execution calls. Ensure commands are static (not built from user input), use absolute paths, and are strictly necessary. Prefer library APIs over shell commands. | Manifest | skills/poiley/whatisxlistening-to/skills/findmy-location/findmy-location.py:16 | |
| HIGH | Dangerous call: subprocess.run() Call to 'subprocess.run()' detected in function 'run'. This can execute arbitrary code. Avoid using dangerous functions like exec/eval/os.system. Use safer alternatives. | Static | skills/poiley/whatisxlistening-to/skills/findmy-location/findmy-location.py:16 | |
| HIGH | Arbitrary code execution via malicious hsclick script The `findmy-location.py` script uses `subprocess.run(cmd, shell=True)` to execute external commands. Specifically, it attempts to find and execute an `hsclick` script from a list of predefined paths, including user-writable locations like `~/.local/bin/hsclick`. If an attacker can place a malicious executable at one of these paths, the `findmy-location.py` script will execute it, leading to arbitrary code execution. This constitutes a command injection vulnerability and a supply chain risk, as the skill's behavior depends on external, potentially user-controlled, executables. 1. Avoid `shell=True` when executing external commands. Use a list of arguments directly: `subprocess.run([hsclick, 'click', str(click_x), str(click_y)], capture_output=True, text=True)`. 2. If `shell=True` is absolutely necessary, ensure all components of the command string are strictly validated and sanitized. 3. For `hsclick`, consider embedding the `curl` logic directly in the Python script or using a Python HTTP client library, rather than relying on an external shell script found in potentially user-writable paths. If an external script is required, ensure its path is fixed and not user-modifiable, or verify its integrity (e.g., checksum). | LLM | findmy-location.py:40 | |
| MEDIUM | Sensitive environment variable access: $HOME Access to sensitive environment variable '$HOME' detected in shell context. Verify this environment variable access is necessary and the value is not exfiltrated. | Static | skills/poiley/whatisxlistening-to/skills/findmy-location/install.sh:5 | |
| LOW | Reads user's `USER.md` file from arbitrary paths The `get_target_name` function attempts to read `USER.md` from several user-specific paths (`~/clawd/USER.md`, `~/USER.md`, `./USER.md`). While it only extracts a 'name' field, reading arbitrary files from a user's home directory without explicit consent or clear necessity can be a privacy concern and a potential data exfiltration vector if the file contains sensitive information and the skill's output is logged or transmitted. 1. Explicitly document this behavior to the user, explaining why `USER.md` is read and what data is extracted. 2. Consider making the `target` field in `config.json` mandatory, removing the need to scan `USER.md`. 3. If reading `USER.md` is essential, restrict the search paths to only those strictly necessary and document them. | LLM | findmy-location.py:20 |
Scan History
Embed Code
[](https://skillshield.io/report/9535435999b345e0)
Powered by SkillShield