Trust Assessment
ifc-data-extraction received a trust score of 66/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 0 critical, 2 high, 1 medium, and 0 low severity. Key findings include Missing required field: name, Arbitrary file write vulnerability in export functions, Unrestricted database connection string allows broad access.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Arbitrary file write vulnerability in export functions The `IFCExporter` class methods `to_excel`, `to_csv`, and `to_json` accept `output_path` or `output_dir` as arguments. If these arguments are directly controlled by untrusted user input without proper sanitization or restriction to a designated output directory, an attacker could specify arbitrary file paths. This allows writing skill-generated data (which could include sensitive extracted IFC model data) to any location on the filesystem accessible by the skill, potentially overwriting critical system files, creating malicious files, or exfiltrating data to publicly accessible directories. The `to_csv` method also uses `os.makedirs` with a user-controlled `output_dir`, which could create directories in arbitrary locations. Implement strict validation and sanitization of `output_path` and `output_dir` arguments. Restrict file operations to a designated, sandboxed output directory. Prevent directory traversal attacks (e.g., `../`). | LLM | SKILL.md:293 | |
| HIGH | Unrestricted database connection string allows broad access The `IFCExporter.to_database` method accepts an arbitrary `connection_string` which is directly passed to `sqlalchemy.create_engine`. If this `connection_string` is derived from untrusted user input, it grants the skill the ability to connect to any database accessible from the skill's execution environment, using potentially attacker-supplied credentials. This could lead to unauthorized access, data manipulation, or exfiltration from external databases. Do not allow untrusted user input to directly specify the full database `connection_string`. Instead, provide a limited set of configurable parameters (e.g., host, database name, user) and construct the connection string internally using pre-approved templates and securely managed credentials. Implement strict access controls for database interactions. | LLM | SKILL.md:360 | |
| MEDIUM | Missing required field: name The 'name' field is required for claude_code skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | skills/datadrivenconstruction/ifc-data-extraction/SKILL.md:1 |
Scan History
Embed Code
[](https://skillshield.io/report/e13b9bee0c827af4)
Powered by SkillShield