Trust Assessment
korail-manager-ben received a trust score of 37/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 13 findings: 8 critical, 0 high, 5 medium, and 0 low severity. Key findings include Unsafe deserialization / dynamic eval, Missing required field: name, Suspicious import: requests.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 0/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (13)
| Severity | Finding | Details | Layer | Location |
|---|---|---|---|---|
| CRITICAL | Hardcoded Korail Credentials | The skill contains hardcoded default Korail ID and Password. While `os.environ.get` is used, the fallback values are directly present in the source code. This is a critical security vulnerability as these credentials can be easily extracted and misused. Remove hardcoded default credentials. Ensure all sensitive information like KORAIL_ID and KORAIL_PW is loaded exclusively from secure environment variables or a dedicated secrets management system. Never commit default credentials to source control. | LLM | scripts/cancel.py:7, scripts/cancel.py:8, scripts/search.py:15, scripts/search.py:16, scripts/watch.py:27, scripts/watch.py:28 |
| CRITICAL | Hardcoded Telegram Bot Token | The skill contains a hardcoded default Telegram Bot Token. While `os.environ.get` is used, the fallback value is directly present in the source code. This is a critical security vulnerability as this token can be used to control the bot and access its chats. Remove the hardcoded default Telegram Bot Token. Ensure all sensitive information is loaded exclusively from secure environment variables or a dedicated secrets management system. Never commit default tokens to source control. | LLM | scripts/watch.py:29 |
| CRITICAL | Hardcoded Telegram Chat ID | The skill contains a hardcoded default Telegram Chat ID. While `os.environ.get` is used, the fallback value is directly present in the source code. This could expose the chat ID of the alert recipient. Remove the hardcoded default Telegram Chat ID. Ensure all sensitive information is loaded exclusively from secure environment variables or a dedicated secrets management system. Never commit default IDs to source control. | LLM | scripts/watch.py:30 |
| MEDIUM | Unsafe deserialization / dynamic eval | Decryption followed by code execution. Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/lonehades/korail-manager-ben/lib/korail2/korail2.py:20 |
| MEDIUM | Missing required field: name | The 'name' field is required for claude_code skills but is missing from the frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | skills/lonehades/korail-manager-ben/SKILL.md:1 |
| MEDIUM | Suspicious import: requests | Import of 'requests' detected. This module provides network or low-level system access. Verify this import is necessary. Network and system modules in skill code may indicate data exfiltration. | Static | skills/lonehades/korail-manager-ben/lib/korail2/korail2.py:10, skills/lonehades/korail-manager-ben/scripts/watch.py:5 |
| MEDIUM | Data Exfiltration via Error Messages to Telegram | `scripts/watch.py` sends raw exception messages (`e`) to a Telegram chat. If an exception contains sensitive system information (e.g., file paths, environment variables, partial credentials, or internal logic details), this could lead to data exfiltration to an external service. Sanitize error messages before sending them to external services: instead of sending the raw exception object, send a generic error message and log the full exception details securely on the server side. Ensure no sensitive data is included in messages sent to external platforms. | LLM | scripts/watch.py:70 |
Full report: https://skillshield.io/report/9f667c1954b42997