Trust Assessment
luma-event-manager received a trust score of 81/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 4 findings: 0 critical, 0 high, 3 medium, and 1 low severity. Key findings include "Missing required field: name", "Unpinned npm dependency version", and "Potential Command Argument Injection via gog CLI".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (4)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| MEDIUM | Missing required field: name. The 'name' field is required for openclaw skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | skills/mariovallereyes/luma-event-manager/SKILL.md:1 |
| MEDIUM | Unpinned npm dependency version. Dependency 'cheerio' is not pinned to an exact version ('^1.2.0'). Pin dependencies to exact versions to reduce drift and supply-chain risk. | Dependencies | skills/mariovallereyes/luma-event-manager/package.json |
| MEDIUM | Potential Command Argument Injection via gog CLI. The skill executes the external `gog` CLI using `child_process.execFile` in `src/calendar.ts`. Arguments passed to `gog` are constructed from both scraped event data (e.g., `event.title`, `event.description`, `event.url`, `event.location`) and user-controlled parameters (e.g., `options.account`, `options.calendarId`). While `execFile` is generally safer than `exec` because it bypasses shell interpretation, a malicious Luma event page or a user could craft inputs that, if `gog`'s argument parser is vulnerable, might lead to unintended actions or command execution through `gog` itself. For example, if a user-provided `account` value contained `--evil-flag`, `gog` might interpret it as a separate flag rather than as part of the account string, depending on its parsing logic. Sanitize all user-controlled inputs (`account`, `calendarId`) and scraped data (`event.title`, `event.description`, `event.location`, `event.url`) before passing them as arguments to the `gog` CLI. This could involve strict validation, escaping, or ensuring `gog` is robust against argument injection. If possible, consider using a programmatic API for Google Calendar instead of a CLI. | LLM | src/calendar.ts:100 |
| LOW | Unpinned Dependency in package.json. The `package.json` file specifies `cheerio` with a caret (`^`) version range (`^1.2.0`). While `package-lock.json` pins the exact version, a fresh installation without the lockfile (e.g., in certain CI/CD environments or if the lockfile is ignored) could fetch a newer, potentially incompatible, or even malicious version of `cheerio` if a major update were released. Although `cheerio` v1 has been in a long pre-release state, it is generally safer to pin production dependencies to exact versions. Pin the `cheerio` dependency to an exact version in `package.json` (e.g., `"cheerio": "1.2.0"`). Ensure that `npm ci` is used for all deployments so that `package-lock.json` is respected and exact dependency versions are installed. | LLM | package.json:18 |