Trust Assessment
mastodon-publisher received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 0 critical, 3 high, 0 medium, and 0 low severity. Key findings include Obfuscated JavaScript/TypeScript code detected, Arbitrary file read via media attachment path, Unverifiable handling of sensitive environment variables.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Obfuscated JavaScript/TypeScript code detected.** The `scripts/tootbot.js` file appears to be minified or obfuscated. This significantly hinders security auditing, making it difficult to identify hidden instructions, malicious functionality, or insecure practices. The lack of transparency increases the risk of undetected vulnerabilities or backdoors. Recommendation: provide the original, human-readable source code for `scripts/tootbot.js` to allow for proper security auditing and verification of its functionality. | LLM | scripts/tootbot.js:1 |
| HIGH | **Arbitrary file read via media attachment path.** The skill's `SKILL.md` indicates that the `media` parameter accepts a `file` path (e.g., `/path/to/foo.png`). The `scripts/tootbot.js` script imports `fs` and uses `readFileSync`, confirming its ability to read local files. Without strict path validation and sandboxing, an attacker could provide paths to arbitrary sensitive files (e.g., `/etc/passwd`, `~/.ssh/id_rsa`, `/proc/self/environ`). The content of these files could then be read by the script and potentially exfiltrated via the Mastodon post, leading to data leakage or unauthorized access. Recommendation: implement strict validation and sanitization of file paths provided for media attachments; restrict file access to a designated, sandboxed directory; consider using a file picker or content ID system instead of direct file paths to prevent arbitrary file system access. | LLM | SKILL.md:30 |
| HIGH | **Unverifiable handling of sensitive environment variables.** The skill requires sensitive credentials, specifically `MASTODON_ACCESS_TOKEN`, to be provided as environment variables. The core logic for handling these credentials resides in the obfuscated `scripts/tootbot.js` file. Due to the obfuscation, it is impossible to verify that these credentials are handled securely, used only for their intended purpose (connecting to Mastodon), and not logged, stored insecurely, or exfiltrated to an unauthorized third party. Recommendation: provide the original, human-readable source code for `scripts/tootbot.js` to allow for proper security auditing of credential handling; ensure that credentials are never logged, stored persistently, or transmitted to unauthorized endpoints. | LLM | SKILL.md:45 |