Trust Assessment
fork-radar-v2 received a trust score of 91/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 2 findings: 0 critical, 0 high, 1 medium, and 1 low severity. Key findings include Missing required field: name, Local File Write Capability.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Missing required field: name The 'name' field is required for claude_code skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | skills/kunoiiv/fork-radar-v2/SKILL.md:1 | |
| LOW | Local File Write Capability The skill uses `fs.writeFileSync` to create or overwrite a file named `radar.json` in the current working directory. This grants the skill local filesystem write access. While the filename is fixed, the ability to write to the execution directory could potentially be misused in a compromised environment or if the skill is executed in a sensitive location. If possible, restrict file write access to a dedicated, isolated, or temporary directory. Ensure the skill's execution environment is sandboxed to prevent unintended file modifications. | LLM | radar.js:49 |
Scan History
Embed Code
[](https://skillshield.io/report/91d49297fc2c88af)
Powered by SkillShield