Trust Assessment
n8n-monitor received a trust score of 69/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 2 findings: 1 critical, 0 high, 1 medium, and 0 low severity. The findings are "Missing required field: name" and "Potential Command Injection via SKILL.md 'Commands' section".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | **Potential Command Injection via SKILL.md 'Commands' section.** The `SKILL.md` file, which is part of the untrusted skill package, explicitly lists shell commands under a 'Commands' section (e.g., `docker ps \| grep n8n`). In an AI agent ecosystem like `claude_code`, there is a significant risk that the host LLM or agent runtime might interpret these listed commands as instructions to be executed. If the agent executes these commands, it constitutes a command injection vulnerability, allowing arbitrary shell commands to be run on the host system or within the container environment. While the provided `main.js` does not currently implement these commands, the presence of these explicit commands in the skill's definition (`SKILL.md`) creates a high-risk scenario if the agent's design involves interpreting and acting upon such descriptions. 1. **Remove direct shell commands from `SKILL.md`**: The `SKILL.md` should describe capabilities in natural language, not provide executable commands. 2. **Implement commands safely in trusted code**: If shell execution is required, it must be implemented in the skill's trusted code (e.g., `main.js`) using secure methods (e.g., `child_process.spawn` with careful input sanitization and argument separation, avoiding `shell: true`). 3. **Agent runtime hardening**: Ensure the AI agent runtime is designed *not* to execute shell commands found in untrusted documentation or skill descriptions. | LLM | SKILL.md:11 |
| MEDIUM | **Missing required field: name.** The 'name' field is required for claude_code skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | skills/smitti7971/n8n-monitor/SKILL.md:1 |