Trust Assessment
mem received a trust score of 70/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 1 finding: 1 critical, 0 high, 0 medium, and 0 low severity. Key findings include Potential Command Injection via User Query.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Potential Command Injection via User Query The skill's usage instructions demonstrate a shell command `scripts/search-memory.py "<query>" --top 5` where `<query>` is intended to be replaced by user input. If this user-provided input is directly interpolated into a shell command without proper sanitization or escaping, it creates a severe command injection vulnerability. A malicious user could inject shell metacharacters (e.g., `;`, `|`, `&`, `$(...)`) to execute arbitrary commands on the host system, potentially leading to data exfiltration, system compromise, or denial of service. When executing shell commands that incorporate user-provided input, ensure the input is rigorously sanitized and escaped. For Python `subprocess` calls, the safest approach is to pass arguments as a list (e.g., `['scripts/search-memory.py', user_query, '--top', '5']`) and set `shell=False` to prevent shell interpretation. If `shell=True` is absolutely necessary, use `shlex.quote()` on all user-provided arguments to prevent injection. | LLM | SKILL.md:18 |
Scan History
Embed Code
[](https://skillshield.io/report/233fb2ec79b37641)
Powered by SkillShield