Trust Assessment
modelready received a trust score of 73/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 1 finding: 1 critical, 0 high, 0 medium, and 0 low severity. Key findings include Potential Command Injection via User-Controlled Arguments.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Potential Command Injection via User-Controlled Arguments The skill's manifest declares a dependency on `bash` and `curl`, indicating that it executes shell commands. The documented commands in `SKILL.md` accept several user-controlled arguments, such as `repo`, `port`, `text`, `ip`, and `dtype`. Without proper sanitization and shell escaping of these arguments before they are passed to `bash` or `curl`, a malicious user could inject arbitrary shell commands. For example, the `repo` argument in the `/modelready start` command (e.g., `repo='; rm -rf /;'`) or the `text` argument in `/modelready chat` could be exploited to achieve arbitrary code execution on the host system. Implement robust input sanitization and shell escaping for all user-provided arguments (`repo`, `port`, `text`, `ip`, `dtype`) before they are used in any shell commands. Avoid direct string concatenation for command construction. Utilize libraries or frameworks that provide secure methods for executing external commands with user-supplied input, ensuring proper quoting and escaping. | LLM | SKILL.md:29 |
Scan History
Embed Code
[](https://skillshield.io/report/ce4513b47cc95022)
Powered by SkillShield