Trust Assessment
home-music received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 2 findings: 1 critical, 1 high, 0 medium, and 0 low severity. Key findings include: AppleScript injection via user-defined speaker names; hardcoded absolute path to an external executable, creating supply chain and command injection risk.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Hardcoded absolute path to external executable creates supply chain and command injection risk. The script uses a hardcoded absolute path (`/Users/asteinberger/clawd/skills/spotify-applescript/spotify.sh`) to execute the `spotify.sh` script. This creates a significant supply chain risk. If the `spotify.sh` script at this specific path is replaced with a malicious executable (e.g., due to a compromised user account or a malicious actor), this skill will execute it without verification. This also makes the skill non-portable and prone to breakage on other systems or user accounts. Replace the hardcoded absolute path with a relative path (e.g., `$(dirname "$0")/../spotify-applescript/spotify.sh`) or resolve the path dynamically based on the skill ecosystem's conventions. Implement integrity checks (e.g., checksum verification) for external scripts if possible, or ensure the skill loading mechanism guarantees the integrity of dependencies. | LLM | home-music.sh:7 |
| HIGH | AppleScript injection via user-defined speaker names. The `airfoil_connect`, `airfoil_disconnect`, and `airfoil_volume` functions construct AppleScript commands by directly interpolating the `$speaker` variable. The `SKILL.md` documentation explicitly instructs users on how to modify the `ALL_SPEAKERS` array, which populates `$speaker`. If a malicious string (e.g., `"; do shell script \"rm -rf ~\""`) is added to `ALL_SPEAKERS`, it would be executed by `osascript`, leading to arbitrary command execution within the user's context. Sanitize or escape the `$speaker` variable before embedding it into the `osascript` command string. For example, ensure it only contains alphanumeric characters and allowed symbols, or use a more robust method for interacting with AppleScript that passes arguments securely. | LLM | home-music.sh:30 |
[](https://skillshield.io/report/ca6a0f5ca60b6fdb)