Trust Assessment
ifc-qto-extraction received a trust score of 58/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 1 critical, 1 high, 1 medium, and 0 low severity. Key findings include Missing required field: name, Command Injection in n8n Workflow via model_path, Path Traversal in n8n Workflow for file loading.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Command Injection in n8n Workflow via model_path The n8n workflow 'convert_model' step uses an 'Execute Command' node where the 'command' field directly incorporates '{{$json.model_path}}' from the webhook payload. This allows an attacker to inject arbitrary shell commands by crafting a malicious 'model_path' value, leading to remote code execution on the system running the n8n instance. For example, a model_path like `"C:\Models\Building.rvt" && rm -rf /` could execute arbitrary commands. 1. **Input Validation**: Strictly validate `model_path` to ensure it only contains expected characters and paths. 2. **Sanitization**: Escape or quote any user-provided input before using it in a shell command. 3. **Use `shell: false`**: If the `Execute Command` node supports it, pass arguments as a list to avoid shell interpretation (e.g., `command: ["C:\DDC\RvtExporter.exe", "{{$json.model_path}}", "complete", "bbox", "schedule"]`). 4. **Least Privilege**: Ensure the n8n runner has minimal permissions. | LLM | SKILL.md:288 | |
| HIGH | Path Traversal in n8n Workflow for file loading The n8n workflow 'load_excel' step constructs a file path using `{{$json.model_path.replace('.rvt', '.xlsx')}}`. If the `model_path` from the webhook payload contains path traversal sequences (e.g., `../`), an attacker could manipulate the path to read arbitrary files on the system where the n8n workflow is executed. For instance, a `model_path` of `../../../../etc/passwd.rvt` could lead to an attempt to read `/etc/passwd.xlsx`. 1. **Input Validation**: Strictly validate `model_path` to ensure it is a safe, canonicalized path within an allowed directory. 2. **Path Sanitization**: Implement robust path sanitization to prevent directory traversal. 3. **Confine File Operations**: Restrict file operations to a designated, isolated directory. | LLM | SKILL.md:294 | |
| MEDIUM | Missing required field: name The 'name' field is required for claude_code skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | skills/datadrivenconstruction/ifc-qto-extraction/SKILL.md:1 |
Scan History
Embed Code
[](https://skillshield.io/report/e4b8b21d058752f7)
Powered by SkillShield