Trust Assessment
moodcast received a trust score of 10/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 10 findings: 3 critical, 5 high, 2 medium, and 0 low severity. Key findings include Arbitrary command execution, Dangerous call: subprocess.check_call(), Dangerous call: subprocess.run().
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The Manifest Analysis layer scored lowest at 10/100, indicating areas for improvement.
Last analyzed on February 12, 2026 (commit 5acc5677). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings10
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Arbitrary command execution Python shell execution (os.system, subprocess) Review all shell execution calls. Ensure commands are static (not built from user input), use absolute paths, and are strictly necessary. Prefer library APIs over shell commands. | Manifest | skills/ashutosh887/moodcast/scripts/moodcast.py:23 | |
| CRITICAL | Arbitrary command execution Python shell execution (os.system, subprocess) Review all shell execution calls. Ensure commands are static (not built from user input), use absolute paths, and are strictly necessary. Prefer library APIs over shell commands. | Manifest | skills/ashutosh887/moodcast/scripts/moodcast.py:226 | |
| CRITICAL | Arbitrary command execution Python shell execution (os.system, subprocess) Review all shell execution calls. Ensure commands are static (not built from user input), use absolute paths, and are strictly necessary. Prefer library APIs over shell commands. | Manifest | skills/ashutosh887/moodcast/scripts/moodcast.py:229 | |
| HIGH | Dangerous call: subprocess.check_call() Call to 'subprocess.check_call()' detected in function '<module>'. This can execute arbitrary code. Avoid using dangerous functions like exec/eval/os.system. Use safer alternatives. | Static | skills/ashutosh887/moodcast/scripts/moodcast.py:23 | |
| HIGH | Dangerous call: subprocess.run() Call to 'subprocess.run()' detected in function 'play_audio'. This can execute arbitrary code. Avoid using dangerous functions like exec/eval/os.system. Use safer alternatives. | Static | skills/ashutosh887/moodcast/scripts/moodcast.py:226 | |
| HIGH | Dangerous call: subprocess.run() Call to 'subprocess.run()' detected in function 'play_audio'. This can execute arbitrary code. Avoid using dangerous functions like exec/eval/os.system. Use safer alternatives. | Static | skills/ashutosh887/moodcast/scripts/moodcast.py:229 | |
| HIGH | Arbitrary file write via user-controlled output path The script uses user-provided input from the `--output` argument directly as a file path for writing audio. An attacker could specify an arbitrary path (e.g., `/etc/passwd`, `../../sensitive_file.txt`), potentially overwriting critical system files or writing malicious content to sensitive locations, leading to data corruption or system compromise. Sanitize the `output_path` to ensure it is a safe filename and restrict it to a designated output directory (e.g., a temporary directory or a user-specific sandbox). Prevent path traversal sequences like `../`. | LLM | scripts/moodcast.py:242 | |
| HIGH | Command injection via user-controlled output path in ffmpeg command The script constructs an `ffmpeg` command using `subprocess.run` where the output file path (`output_path`) is directly taken from user input (`args.output`). An attacker could inject shell metacharacters (e.g., `;`, `|`, `&&`) into `args.output` to execute arbitrary commands on the system where the skill is running, leading to remote code execution. Before passing `output_path` to `ffmpeg_command`, ensure it is properly sanitized using `shlex.quote()` to prevent shell injection. Additionally, restrict the output path to a safe, designated directory. | LLM | scripts/moodcast.py:207 | |
| MEDIUM | Unpinned Python dependency version Requirement 'elevenlabs>=1.0.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'. | Dependencies | skills/ashutosh887/moodcast/requirements.txt:1 | |
| MEDIUM | Unsanitized user input passed to external AI APIs User-provided text (`args.text`) and ambient description (`args.ambient`) are directly passed to the ElevenLabs `text_to_speech.convert` and `sound_effects.generate` APIs, respectively, without any sanitization or content moderation. This could allow an attacker to generate harmful, offensive, or resource-intensive audio/sound effects, potentially leading to abuse of the ElevenLabs service, violation of terms of service, or generation of undesirable content. While not a direct prompt injection against the host LLM, it's an injection against an external AI model. Implement input validation and sanitization for `text` and `ambient_description` before sending them to the ElevenLabs API. This could include filtering out keywords, checking for length limits, or integrating with content moderation services. Consider rate limiting API calls to prevent resource exhaustion. | LLM | scripts/moodcast.py:149 |
Scan History
Embed Code
[](https://skillshield.io/report/0020b16c1347187e)
Powered by SkillShield