Trust Assessment
server-monitor received a trust score of 10/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 5 findings: 3 critical, 1 high, 0 medium, and 1 low severity. Key findings include Arbitrary command execution, Node lockfile missing, Skill uses `execSync` for system commands, granting excessive permissions.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The Manifest Analysis layer scored lowest at 10/100, indicating areas for improvement.
Last analyzed on February 12, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings5
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Arbitrary command execution Node.js child_process require Review all shell execution calls. Ensure commands are static (not built from user input), use absolute paths, and are strictly necessary. Prefer library APIs over shell commands. | Manifest | skills/michaelhotss/server-monitor/index.js:8 | |
| CRITICAL | Arbitrary command execution Node.js synchronous shell execution Review all shell execution calls. Ensure commands are static (not built from user input), use absolute paths, and are strictly necessary. Prefer library APIs over shell commands. | Manifest | skills/michaelhotss/server-monitor/index.js:67 | |
| CRITICAL | Arbitrary command execution Node.js synchronous shell execution Review all shell execution calls. Ensure commands are static (not built from user input), use absolute paths, and are strictly necessary. Prefer library APIs over shell commands. | Manifest | skills/michaelhotss/server-monitor/index.js:106 | |
| HIGH | Skill uses `execSync` for system commands, granting excessive permissions The `index.js` file utilizes `child_process.execSync` to execute shell commands (`df -h /` and `ps aux`). While the commands are currently hardcoded and do not directly incorporate user input, the use of `execSync` grants the AI skill the ability to run arbitrary shell commands on the host system. This constitutes an excessive permission, as it allows the skill to perform actions beyond its intended scope, including potential data exfiltration, system modification, or further compromise if the skill's logic or the LLM controlling it were to be manipulated. This also creates a high-risk vector for command injection if future updates introduce user-controlled input into these commands. Replace `execSync` with safer, platform-agnostic Node.js APIs (e.g., `os` module for system info, or dedicated libraries for process/disk monitoring) where possible. If shell execution is strictly necessary, use `child_process.spawn` or `child_process.execFile` with carefully sanitized arguments, avoiding direct shell interpretation of user input. Consider sandboxing the execution environment if shell access is unavoidable. | LLM | index.js:7 | |
| LOW | Node lockfile missing package.json is present but no lockfile was found (package-lock.json, pnpm-lock.yaml, or yarn.lock). Commit a lockfile for deterministic dependency resolution. | Dependencies | skills/michaelhotss/server-monitor/package.json |
Scan History
Embed Code
[](https://skillshield.io/report/00cdef01f9474220)
Powered by SkillShield