Trust Assessment
resize-magic received a trust score of 73/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 2 findings: 0 critical, 2 high, 0 medium, and 0 low severity. Key findings include Unrestricted input file path allows arbitrary file access, Unrestricted output file path allows writing to arbitrary locations.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Unrestricted input file path allows arbitrary file access The script takes an `$input` path directly from user arguments without sanitization or restriction. An attacker can specify paths like `/etc/passwd` or `../../sensitive_data.txt` to attempt to read arbitrary files on the system. While ImageMagick might fail to process non-image files, the attempt to access them constitutes a data exfiltration risk, as the script will try to open and read the specified file. Implement robust path sanitization to prevent path traversal (e.g., resolve to an absolute path and verify it is within an allowed, sandboxed directory) or restrict input to a designated safe directory. Alternatively, ensure the script runs with minimal necessary file system permissions. | LLM | scripts/resize.sh:23 | |
| HIGH | Unrestricted output file path allows writing to arbitrary locations The script allows the user to specify an `$output` path, or infers one based on the `$input` path, without sanitization or restriction. This enables an attacker to write image data to arbitrary locations on the filesystem, including potentially sensitive system directories (e.g., `/etc/cron.d/evil_cron` if the script runs with sufficient permissions). While the content written is image data, writing to arbitrary locations can be part of a larger attack chain (e.g., overwriting configuration files, denial of service by filling up critical partitions, or preparing for a subsequent command injection if the written file is later executed). Implement robust path sanitization to prevent path traversal (e.g., resolve to an absolute path and verify it is within an allowed, sandboxed directory) or restrict output to a designated safe directory. Ensure the script runs with minimal necessary file system permissions. | LLM | scripts/resize.sh:25 |
Scan History
Embed Code
[](https://skillshield.io/report/8aaa32188fbc08c6)
Powered by SkillShield