Trust Assessment
godot received a trust score of 44/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 5 findings: 2 critical, 0 high, 3 medium and 0 low severity. Key findings: command injection via unsanitized PROJECT_PATH in filename creation (scripts/build_game.sh); command injection via unsanitized PROJECT_NAME/PROJECT_DIR in filename/path creation (scripts/new_project.sh); sensitive environment variable access ($HOME) at three locations.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 40/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (5)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Command Injection via unsanitized PROJECT_PATH in filename creation. `scripts/build_game.sh` builds the filename `PRESETS_FILE` from the user-provided `PROJECT_PATH` (argument `$1`) and uses it in `cat > "$PRESETS_FILE"`. The mechanism the scanner describes does not hold as stated: a double quote inside an expanded variable does not terminate the surrounding double quotes, because the shell never re-parses expansion results as syntax, so `PROJECT_PATH='foo"; rm -rf /; echo "'` produces a file with that literal name rather than running `rm -rf /`. The value could execute as a command only if the script also passes it through `eval`, `bash -c` or an unquoted expansion, which the report does not show. What the missing validation does permit is writing the presets file to whatever path the caller supplies, including locations outside the project tree. Validate `PROJECT_PATH` against an allow-list (safe filename characters, no `..` components, no leading `-`) before use, or write to a file created with `mktemp` and move it into a validated directory. | LLM | scripts/build_game.sh:22 |
| CRITICAL | Command Injection via unsanitized PROJECT_NAME/PROJECT_DIR in filename/path creation. `scripts/new_project.sh` builds `FULL_PATH` from the user-provided `PROJECT_NAME` (argument `$1`) and `PROJECT_DIR` (argument `$2`) and uses it in `cat > "$FULL_PATH/project.godot"`, `mkdir -p "$FULL_PATH"/{...}`, `cp ... "$FULL_PATH/"` and `cat > "$FULL_PATH/icon.svg"`. As with the finding above, a double quote in `PROJECT_NAME` or `PROJECT_DIR` does not break out of a double-quoted expansion, so `PROJECT_NAME='mygame"; rm -rf /; echo "'` yields a directory with that literal name, not command execution; execution would require the value to reach `eval`, `bash -c` or an unquoted expansion, which the report does not show. The unvalidated values do allow the generated project tree to be created at any path the caller names, including outside the intended directory, and a leading `-` could be read as an option by `mkdir` or `cp`. Validate `PROJECT_NAME` as a single path component and `PROJECT_DIR` against an allow-list (no `..` components, no leading `-`, no quotes or whitespace), or create the files with `mktemp` and move them into a validated directory. | LLM | scripts/new_project.sh:23 |
| MEDIUM | Sensitive environment variable access: $HOME. Access to the sensitive environment variable `$HOME` detected in shell context. Verify that the access is necessary and that the value is not exfiltrated; using `$HOME` to build a default project or output directory is a normal, benign use. | Static | skills/kjaylee/godot/SKILL.md:11 |
| MEDIUM | Sensitive environment variable access: $HOME. Access to the sensitive environment variable `$HOME` detected in shell context. Verify that the access is necessary and that the value is not exfiltrated. | Static | skills/kjaylee/godot/scripts/build_game.sh:150 |
| MEDIUM | Sensitive environment variable access: $HOME. Access to the sensitive environment variable `$HOME` detected in shell context. Verify that the access is necessary and that the value is not exfiltrated. | Static | skills/kjaylee/godot/scripts/new_project.sh:7 |
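Added example, not code from the kjaylee/godot skill or from SkillShield: an allow-list validator for the two script arguments named in the CRITICAL findings, a `FULL_PATH` builder that only accepts validated parts, and a sandboxed check of the quoting claim using the report's own payload with `rm -f canary` in place of `rm -rf /`. The function names, the allow-lists and the rule that PROJECT_DIR may not contain `..` components are assumptions for illustration.

```shell
#!/bin/sh
# Added example for the two CRITICAL findings above. Not code from the
# kjaylee/godot skill; function names, allow-lists and the ".." policy for
# PROJECT_DIR are assumptions.
set -u

# PROJECT_NAME must be a single path component: letters, digits, "_" and "-",
# non-empty and not starting with "-" (which mkdir/cp would read as an option).
validate_project_name() {
    case "$1" in
        '')                 return 1 ;;   # empty
        -*)                 return 1 ;;   # option-like
        *[!A-Za-z0-9_-]*)   return 1 ;;   # any character outside the allow-list
    esac
    return 0
}

# PROJECT_DIR may be absolute or relative, but may not be option-like, contain
# a ".." component, or contain characters outside [A-Za-z0-9_./-], so no
# quotes, whitespace, newlines or shell metacharacters reach the path.
validate_project_dir() {
    case "$1" in
        '')                    return 1 ;;
        -*)                    return 1 ;;
        ..|../*|*/..|*/../*)   return 1 ;;   # parent-directory traversal
        *[!A-Za-z0-9_./-]*)    return 1 ;;
    esac
    return 0
}

# Build FULL_PATH the way new_project.sh does ($2/$1), but only from
# validated parts. Prints the path and returns 0, or returns 1 printing nothing.
build_full_path() {
    validate_project_dir "$2" || return 1
    validate_project_name "$1" || return 1
    printf '%s/%s\n' "$2" "$1"
}

# Sandboxed check of the report's quoting claim. Returns 0 when the
# double-quoted expansion stayed literal (canary survives, oddly named file is
# created) AND the same string re-parsed through eval did execute (canary gone).
demo_quote_handling() {
    work=$(mktemp -d) || return 1
    payload='foo"; rm -f canary; echo "'     # report's payload, rm -f canary for rm -rf /
    (
        cd "$work" || exit 1
        : > canary
        cat > "$payload" </dev/null          # expansion is one word: nothing executes
        [ -e canary ] || exit 1
        [ -e "$payload" ] || exit 1          # a file literally named foo"; rm -f canary; echo "
        eval "cat </dev/null > \"$payload\"" # re-parsing the string is what makes it a command
        [ ! -e canary ] || exit 1
    )
    rc=$?
    rm -rf -- "$work"
    return "$rc"
}

# Usage: run sample inputs through the checks.
for n in mygame 'mygame"; rm -rf /; echo "' -rf; do
    if validate_project_name "$n"; then echo "ok:       $n"; else echo "rejected: $n"; fi
done
build_full_path mygame projects/games
demo_quote_handling && echo 'quoted expansion stayed literal; only eval executed the payload'
```

The `case` patterns are POSIX sh, so the same checks drop into a bash script unchanged; the `demo_quote_handling` function is the quickest way to confirm on your own shell that the injection in the report requires a re-parse (`eval`, `bash -c`, or an unquoted expansion) and that a plain `cat > "$VAR"` only yields a strangely named file.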
Full report: https://skillshield.io/report/abd7c6c336f6f613