Trust Assessment
knowledge-base received a trust score of 70/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 1 finding: 1 critical, 0 high, 0 medium, and 0 low severity. Key findings include Direct SQL execution from untrusted input.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Direct SQL execution from untrusted input | LLM | scripts/query.py:203 |

The `scripts/query.py` script exposes a `sql` command that directly executes arbitrary SQL queries provided as an argument. If an AI agent passes untrusted user input (e.g., from a prompt) to this command, it creates a severe SQL injection vulnerability. An attacker could leverage this to read, modify, or delete any data in the `jarvis.db` database, or even drop tables, leading to data exfiltration, integrity compromise, or denial of service.

Recommendation: remove or strictly limit the `sql` command. If it must exist, ensure that any input passed to it is *never* derived from untrusted sources (e.g., user prompts). Consider implementing a whitelist of allowed SQL operations or a more controlled interface for database interaction. For an AI agent, direct raw SQL execution is almost always too dangerous.
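As an added illustration (not code from the knowledge-base skill or from SkillShield), the following Python contrasts the pattern the finding describes, a function that executes whatever SQL text the caller hands it, with the controlled interface the recommendation asks for: a fixed allow-list of named, parameterized queries, plus a read-only connection as defence in depth. Note that with a raw `sql` command no quote-escaping trick is needed; `DELETE FROM notes` is simply a valid input. The `notes` schema, the query names and the sample rows are assumptions constructed for the example; the real `scripts/query.py` is not on this page, and an in-memory database stands in for `jarvis.db`.

```python
"""Raw SQL command vs. an allow-listed query interface for an agent tool.

Added example: the schema, query names and data are constructed for illustration.
"""
import re
import sqlite3
from typing import Any


def make_demo_db() -> sqlite3.Connection:
    """Constructed stand-in for jarvis.db; the real schema is not on the page."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        "CREATE TABLE notes (id INTEGER PRIMARY KEY, title TEXT, body TEXT);"
        "INSERT INTO notes (title, body) VALUES ('alpha', 'first'), ('beta', 'second');"
    )
    return conn


# --- 1. The shape the finding describes: a command that runs caller-supplied SQL ---
def run_raw_sql(conn: sqlite3.Connection, sql: str) -> list[tuple]:
    """Executes the text as-is. If an agent forwards prompt text here, the prompt
    author chooses the whole statement, so no escaping is needed to attack it."""
    cur = conn.execute(sql)
    conn.commit()
    return cur.fetchall()


# --- 2. Hardened interface: fixed statements, caller supplies only bound values ---
ALLOWED_QUERIES: dict[str, str] = {
    # Hypothetical operation names; a real tool exposes only the queries it needs.
    "search_notes": "SELECT id, title FROM notes WHERE title LIKE :pattern ORDER BY id",
    "get_note": "SELECT id, title, body FROM notes WHERE id = :id",
}


def make_read_only(conn: sqlite3.Connection) -> sqlite3.Connection:
    """Defence in depth: the connection itself refuses writes, so even a bypass of
    the allow-list cannot modify data. For a file-backed database the same effect
    is available at open time via sqlite3.connect('file:jarvis.db?mode=ro', uri=True)."""
    conn.execute("PRAGMA query_only = ON")
    return conn


def run_named_query(conn: sqlite3.Connection, name: str, params: dict[str, Any]) -> list[tuple]:
    """The agent picks an operation name and values; it never supplies SQL text."""
    if name not in ALLOWED_QUERIES:
        raise ValueError(f"unknown query {name!r}")
    sql = ALLOWED_QUERIES[name]
    expected = set(re.findall(r":(\w+)", sql))  # named placeholders the statement binds
    if set(params) != expected:
        raise ValueError(f"{name} expects parameters {sorted(expected)}")
    return conn.execute(sql, params).fetchall()


def demo() -> dict[str, Any]:
    """Runs both interfaces against the constructed data and reports what happened."""
    results: dict[str, Any] = {}

    raw = make_demo_db()
    run_raw_sql(raw, "DELETE FROM notes")  # any text an agent forwards from a prompt
    results["rows_after_raw_delete"] = run_raw_sql(raw, "SELECT COUNT(*) FROM notes")[0][0]

    safe = make_read_only(make_demo_db())
    results["search"] = run_named_query(safe, "search_notes", {"pattern": "a%"})
    # A classic injection payload is bound as a plain string; nothing after the quote runs.
    results["injected"] = run_named_query(
        safe, "search_notes", {"pattern": "%'; DELETE FROM notes; --"}
    )
    results["note_2_still_present"] = run_named_query(safe, "get_note", {"id": 2})
    try:
        run_named_query(safe, "drop_everything", {})
        results["unknown_query_rejected"] = False
    except ValueError:
        results["unknown_query_rejected"] = True
    try:
        run_named_query(safe, "get_note", {"id": 2, "extra": "x"})
        results["param_mismatch_rejected"] = False
    except ValueError:
        results["param_mismatch_rejected"] = True
    try:
        run_raw_sql(safe, "DELETE FROM notes")  # blocked by PRAGMA query_only
        results["write_rejected"] = False
    except sqlite3.OperationalError:
        results["write_rejected"] = True
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The point of the named-query layer is that the tool schema the agent sees contains operation names and typed arguments, not a free-form SQL string, so prompt text can only ever become a bound value. The `query_only` pragma (or `mode=ro` on a file URI) is a second, independent control: it holds even if a future change adds a query that should not have been allow-listed.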
Full report: https://skillshield.io/report/aaa6945ba00f4919