Trust Assessment
news-summary received a trust score of 75/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 3 findings: 0 critical, 1 high, 2 medium, and 0 low severity. Key findings include "Sensitive environment variable access: $OPENAI_API_KEY", "Potential Command Injection via unsanitized TTS input", and "Potential Prompt Injection against OpenAI TTS API".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Potential Command Injection via unsanitized TTS input.** The skill's workflow includes a `curl` command to the OpenAI TTS API, where the `input` field for the speech generation is a placeholder `<news summary text>`. If this placeholder is dynamically replaced by content derived from untrusted user input or an LLM output influenced by user input, and is not properly escaped for both JSON and shell contexts, an attacker could inject arbitrary shell commands. This could lead to remote code execution on the host system where the skill is executed. Ensure that any dynamic content replacing `<news summary text>` is strictly validated and properly escaped for both JSON and shell contexts before being interpolated into the `curl -d` argument. It is recommended to use a dedicated JSON library to construct the payload and pass it securely, or use a safe execution method (e.g., `subprocess.run` with `shell=False` in Python) to prevent shell injection. | LLM | SKILL.md:77 |
| MEDIUM | **Sensitive environment variable access: $OPENAI_API_KEY.** Access to sensitive environment variable '$OPENAI_API_KEY' detected in shell context. Verify this environment variable access is necessary and the value is not exfiltrated. | Static | skills/joargp/news-summary/SKILL.md:67 |
| MEDIUM | **Potential Prompt Injection against OpenAI TTS API.** The skill sends `<news summary text>` to the OpenAI TTS API. If this text is derived from user-controlled input or an LLM output that can be influenced by malicious user prompts, an attacker could inject instructions or harmful content into the text summary. This could lead to the generation of misleading, offensive, or otherwise undesirable audio content by the OpenAI TTS service, potentially causing reputational damage or spreading misinformation. Implement robust input validation and sanitization for any user-provided or LLM-generated text that will be used as input to the TTS API. Consider integrating content moderation filters or a 'safety layer' to review summaries for harmful content before they are sent for voice generation. | LLM | SKILL.md:77 |