Trust Assessment
japan-news-digest received a trust score of 79/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. Key findings include Missing required field: name, Excessive Filesystem Write Permissions.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 12, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Excessive Filesystem Write Permissions The skill instructs the LLM to save files directly to the user's home directory (`~/news-digests/YYYY-MM-DD.md`). Writing to the home directory grants broad filesystem access, which could be exploited to overwrite critical user configuration files, inject malicious scripts, or exfiltrate data if the path or content could be manipulated by a prompt injection. Restrict file write operations to a sandboxed, temporary directory that is isolated from the user's sensitive files. If persistent storage is required, ensure explicit user consent and strict validation of file paths and content, or use platform-provided secure storage mechanisms. Avoid writing directly to the user's home directory or other sensitive system locations. | LLM | SKILL.md:46 | |
| MEDIUM | Missing required field: name The 'name' field is required for claude_code skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | skills/sa9saq/japan-news-digest/SKILL.md:1 |
Scan History
Embed Code
[](https://skillshield.io/report/09ca4c01dca1d7c6)
Powered by SkillShield