Trust Assessment
senior-computer-vision received a trust score of 60/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 1 critical, 0 high, 2 medium, and 0 low severity. Key findings include Unsafe deserialization / dynamic eval, Arbitrary Code Execution via Malicious PyTorch Model Deserialization, Unpinned Dependencies in Python Scripts.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 63/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | **Arbitrary Code Execution via Malicious PyTorch Model Deserialization.** The `inference_optimizer.py` script uses `torch.load()` to load model files (`.pt`, `.pth`) from a user-provided path. PyTorch's `torch.load()` function relies on Python's `pickle` module, which is known to be insecure against maliciously constructed data. If an attacker can supply a specially crafted `.pt` or `.pth` file, arbitrary code can be executed on the system running the script when the model is loaded. This is a direct command injection/hidden instruction vector. Remediation: avoid loading untrusted PyTorch model files directly with `torch.load()`. If models must be loaded from untrusted sources, consider using safer serialization formats (e.g., ONNX, TorchScript with `torch.jit.load()` after careful inspection) or implementing strict validation and sandboxing. For trusted models, ensure the source is verified. | LLM | scripts/inference_optimizer.py:100 |
| MEDIUM | **Unsafe deserialization / dynamic eval.** Decryption followed by code execution. Remediation: remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/alirezarezvani/senior-computer-vision/scripts/inference_optimizer.py:135 |
| MEDIUM | **Unpinned Dependencies in Python Scripts.** The Python scripts (`dataset_pipeline_builder.py`, `inference_optimizer.py`, `vision_model_trainer.py`) import external libraries such as `torch`, `onnx`, and `yaml` without specifying exact version pins. This introduces a supply chain risk, as future updates to these libraries could introduce breaking changes, new vulnerabilities, or unexpected behavior. Without pinned versions, the skill's behavior is not fully reproducible or secure against dependency drift. Remediation: add a `requirements.txt` file to the skill package, listing all external Python dependencies with exact version pins (e.g., `torch==1.10.0`, `onnx==1.10.0`, `PyYAML==6.0`). Ensure that the skill's environment is set up to install these pinned versions. | LLM | scripts/inference_optimizer.py:90 |