Trust Assessment
media-player received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Potential Command Injection via 'media-player play' argument.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Potential Command Injection via 'media-player play' argument The skill's documentation indicates that the `media-player play` command accepts a user-provided string (e.g., a file path or URL). If the underlying implementation of this command directly passes this user input to a shell command (such as `mpv`) without proper sanitization or escaping, a malicious user could inject arbitrary shell commands. For example, providing an input like `"file.mp4; rm -rf /"` could lead to the execution of `rm -rf /` on the host system. The implementation of the `media-player` tool must rigorously sanitize and escape all user-provided arguments before passing them to any shell command. It is highly recommended to use safe execution methods that avoid shell interpretation (e.g., `subprocess.run` with `shell=False` and passing arguments as a list) or to strictly validate inputs against expected patterns (e.g., valid file paths or URLs) to prevent command injection. | LLM | SKILL.md:10 |
Scan History
Embed Code
[](https://skillshield.io/report/be04b8d730df2ac1)
Powered by SkillShield