Trust Assessment
jarvis-voice received a trust score of 90/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Potential Command Injection via `jarvis` script input.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Potential Command Injection via `jarvis` script input The `SKILL.md` demonstrates usage of the `jarvis` script where user-controlled text is passed as a command-line argument. If the `jarvis` script (located at `scripts/jarvis`, which is not provided in this context) does not properly sanitize or escape this input before incorporating it into shell commands (e.g., `ffmpeg` or `aplay`), it could lead to arbitrary command execution. An attacker could inject shell metacharacters (e.g., `;`, `|`, `&`, `$()`) to execute malicious commands on the host system. The `jarvis` script must properly sanitize all user-provided input before passing it to external commands like `ffmpeg` or `aplay`. This typically involves using safe argument passing mechanisms (e.g., `exec` with an array of arguments in Python/Node.js, or `"$@"` with `set -e` and careful quoting in shell scripts) or robust escaping functions for shell metacharacters. | LLM | SKILL.md:59 |
Scan History
Embed Code
[](https://skillshield.io/report/77a8ca96936bd38d)
Powered by SkillShield