Trust Assessment
para-pkm received a trust score of 73/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 2 findings: 0 critical, 2 high, 0 medium, and 0 low severity. Key findings include Path Traversal in KB Initialization, Path Traversal in Navigation File Generation.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Path Traversal in KB Initialization The `init_para_kb.py` script constructs the knowledge base path using `base_path / kb_name`. If the `kb_name` argument contains path traversal sequences (e.g., `../`), an attacker could create directories and files outside the intended `base_path`. This allows for arbitrary directory creation and file writing within the user's permissions, leading to potential system disruption or unauthorized data placement. Sanitize the `kb_name` argument to prevent path traversal. Ensure `kb_name` only contains valid directory name characters and does not include path separators or `..` components. A common approach is to use `Path(kb_name).name` to extract only the final component, or validate against a regex. | LLM | scripts/init_para_kb.py:20 | |
| HIGH | Path Traversal in Navigation File Generation The `generate_nav.py` script constructs the output file path using `kb_path / args.output`. If the `--output` argument contains path traversal sequences (e.g., `../`), an attacker could write the generated `AGENTS.md` content to an arbitrary location outside the intended `kb_path`. This allows for arbitrary file writing within the user's permissions, leading to potential system disruption or unauthorized data placement. Sanitize the `--output` argument to prevent path traversal. Ensure `args.output` only contains valid filename characters and does not include path separators or `..` components. A common approach is to use `Path(args.output).name` to extract only the final component, or validate against a regex. | LLM | scripts/generate_nav.py:90 |
Scan History
Embed Code
[](https://skillshield.io/report/97c09007b0329df8)
Powered by SkillShield