Trust Assessment
prometheus received a trust score of 88/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Potential Shell Command Injection via PromQL Query Parameter.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Potential Shell Command Injection via PromQL Query Parameter The skill provides `curl` command examples for querying the Prometheus API. If an LLM constructs these commands by directly inserting untrusted user input into the `query` parameter (e.g., `query=user_input`) without proper shell escaping or URL encoding, it could lead to shell command injection. An attacker could craft a malicious PromQL query containing shell metacharacters (e.g., `;`, `|`, `$(...)`) to execute arbitrary commands on the host system where the `curl` command is run. While the examples themselves use static queries, they establish a pattern where the `query` parameter is a prime candidate for dynamic generation from user input. When generating `curl` commands, ensure that any user-provided input for URL parameters, especially the `query` parameter, is thoroughly URL-encoded and shell-escaped before being inserted into the command string. Implement strict input validation and sanitization for all dynamic parts of the command to prevent injection of malicious shell commands or URL components. | LLM | SKILL.md:10 |
Scan History
Embed Code
[](https://skillshield.io/report/c56b4ab7a752405b)
Powered by SkillShield