Trust Assessment
otaku-wiki received a trust score of 79/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. Key findings include Suspicious import: urllib.request, Potential Command Injection via Unsafe Exec Argument Construction.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Potential Command Injection via Unsafe Exec Argument Construction The skill instructs the host LLM to construct and execute a shell command using `exec` with user-provided input for the `--search` argument. Specifically, the command template is `python3 "{baseDir}/anilist_cli.py" anime --search "<关键词或日文名或英文名>" --top 1`. While the prompt attempts to enclose the user input in double quotes, LLMs are known to be unreliable in consistently and correctly escaping user-provided strings, especially those containing quotes or shell metacharacters (e.g., `"`, `&`, `|`, `;`, `$`, `(`, `)`). An attacker could craft a malicious search query (e.g., `foo" && rm -rf /`) that, if not properly escaped by the LLM, would break out of the quoted string and lead to arbitrary command execution on the host system. Avoid constructing shell commands by concatenating user input directly. Instead, use a tool execution mechanism that passes arguments as a list of strings (e.g., `subprocess.run(['python3', script_path, 'anime', '--search', user_input])`) which prevents shell interpretation of arguments. If a shell string is unavoidable, implement robust, explicit escaping of all user input *before* it is inserted into the command string, or provide the LLM with explicit, unambiguous instructions and examples for shell escaping. | LLM | SKILL.md:19 | |
| MEDIUM | Suspicious import: urllib.request Import of 'urllib.request' detected. This module provides network or low-level system access. Verify this import is necessary. Network and system modules in skill code may indicate data exfiltration. | Static | skills/robin797860/otaku-wiki/anilist_cli.py:19 |
Scan History
Embed Code
[](https://skillshield.io/report/ac32bc2997a9159d)
Powered by SkillShield