Trust Assessment
github-copilot-cli received a trust score of 90/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Potential Command Injection via Embedded Shell Script.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Potential Command Injection via Embedded Shell Script The skill definition (`SKILL.md`) includes a `bash` code block that executes a `python` script. If an AI agent is configured to interpret and execute code blocks found within skill definitions (a common pattern in agent architectures), this could lead to arbitrary command execution on the host system. Although the script's stated purpose is benign (frontmatter linting), the presence of executable shell commands directly embedded in a markdown skill definition creates a command injection vulnerability if the agent's execution environment is not sufficiently sandboxed or if the markdown is misinterpreted as executable code. Avoid embedding executable shell commands directly within markdown skill definitions. If such functionality is required, it should be implemented as a separate, explicitly defined tool or function within a secure execution environment, rather than relying on the LLM to interpret and execute documentation. For developer-specific checks, these should be external to the skill's runtime definition. | LLM | SKILL.md:9 |
Scan History
Embed Code
[](https://skillshield.io/report/d8804cf3292ae431)
Powered by SkillShield