Trust Assessment
linkedin-content received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Excessive Bash tool permissions.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Excessive Bash tool permissions The skill declares 'Bash(infsh *)' as an allowed tool in its manifest. This wildcard permission grants the skill the ability to execute any command starting with 'infsh'. Depending on the capabilities of the 'infsh' CLI and its available applications, this could allow the skill to perform arbitrary system operations, access sensitive files, or make unauthorized network requests. This broad permission significantly increases the attack surface and potential for misuse. Restrict Bash tool permissions to only the specific 'infsh' commands and arguments absolutely necessary for the skill's functionality. Avoid using wildcards like '*' unless the tool itself provides fine-grained, secure sandboxing for all subcommands. | LLM | Manifest |
Scan History
Embed Code
[](https://skillshield.io/report/d33e1151d104d6e5)
Powered by SkillShield