Trust Assessment
hotdog received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 5 findings: 1 critical, 3 high, 1 medium, and 0 low severity. Key findings include: Hardcoded Bearer Token detected; Potential Command Injection via LLM output in curl arguments; Hardcoded API Key/Bearer Token.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 48/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (5)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | **Potential Command Injection via LLM output in curl arguments.** The skill executes shell commands using `exec: curl`. The values `ANSWER` and `DESCRIPTION` are generated by the LLM and directly interpolated into the `curl` command's `-F` arguments. If the LLM's output can be manipulated (e.g., through a prompt injection) to include shell metacharacters, it could lead to arbitrary command execution on the host system. Similarly, `ROUND_ID`, `PICK`, and `FIRST_SIDE` are interpolated into a JSON string within a `curl -d` argument, which could also be exploited if not properly escaped. Remediation: implement robust sanitization and escaping for all LLM-generated or external-API-derived variables (`ANSWER`, `DESCRIPTION`, `ROUND_ID`, `PICK`, `FIRST_SIDE`) before they are interpolated into shell commands. Consider using a safer method for making HTTP requests that doesn't involve direct shell execution with user-controlled input, or ensure strict quoting and escaping for all dynamic parts of the command. | LLM | SKILL.md:20 |
| HIGH | **Hardcoded Bearer Token detected.** A hardcoded Bearer Token was found. Secrets should be stored in environment variables or a secret manager. Remediation: replace the hardcoded secret with an environment variable reference. | Static | skills/mishafyi/hotdog/SKILL.md:25 |
| HIGH | **Hardcoded Bearer Token detected.** A hardcoded Bearer Token was found. Secrets should be stored in environment variables or a secret manager. Remediation: replace the hardcoded secret with an environment variable reference. | Static | skills/mishafyi/hotdog/SKILL.md:32 |
| HIGH | **Hardcoded API Key/Bearer Token.** A bearer token (`ih1rtmC7ECm8iExqvI6zMbOAqEaXIi9X`) is hardcoded directly within the skill's `SKILL.md` file. Hardcoding sensitive credentials makes them publicly visible and vulnerable to compromise if the skill's source code is exposed or if the token is used in an insecure context. This token grants access to `api.hotdogornot.xyz/api/arena/round` and should be protected. Remediation: remove hardcoded API keys and sensitive credentials. Store them securely using environment variables, a secrets management service, or a platform-provided secure storage mechanism. Ensure that access to these secrets is restricted to authorized components only. | LLM | SKILL.md:20 |
| MEDIUM | **User Image Data Exfiltration to Third-Party API.** The skill explicitly sends the user's image file (`{{MediaPath}}`) to an external third-party API (`https://api.hotdogornot.xyz/api/arena/round`). While this is the intended functionality of the skill, it constitutes data exfiltration of user-provided content to an external service. Users should be made aware that their images are being transmitted to and processed by a third party. Remediation: clearly inform users that their images will be sent to a third-party service for processing. Provide transparency regarding the data handling policies of the third-party service and ensure compliance with relevant privacy regulations. Consider adding a user consent step before sending sensitive data. | LLM | SKILL.md:20 |
Full report: https://skillshield.io/report/ae21010388e8d680 (powered by SkillShield)