Trust Assessment
simmer-signalsniper received a trust score of 36/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 6 findings: 0 critical, 3 high, 3 medium, and 0 low severity. The findings are: Unsafe deserialization / dynamic eval (3 x HIGH), Suspicious import: urllib.request (2 x MEDIUM), and Potential Server-Side Request Forgery (SSRF) in RSS feed fetching (1 x MEDIUM). Two caveats before acting on them. The three HIGH findings are attributed to the Manifest layer but point at code lines in signal_sniper.py, and the report does not reproduce the matched code; read those lines and confirm that a decoded or decrypted payload is actually passed to eval/exec before treating them as exploitable, since a pattern match on an import or identifier would produce the same finding. The urllib.request import is expected in a skill whose job is fetching RSS feeds; the question that matters is the one the SSRF finding raises, namely which destinations the skill can be pointed at.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, and LLM Behavioral Safety. The Manifest Analysis layer scored lowest at 55/100.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (6)
| Severity | Finding | Detail | Recommendation | Layer | Location |
|---|---|---|---|---|---|
| HIGH | Unsafe deserialization / dynamic eval | Decryption followed by code execution | Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/adlai88/simmer-signalsniper/signal_sniper.py:7 |
| HIGH | Unsafe deserialization / dynamic eval | Decryption followed by code execution | Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/adlai88/simmer-signalsniper/signal_sniper.py:596 |
| HIGH | Unsafe deserialization / dynamic eval | Decryption followed by code execution | Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/adlai88/simmer-signalsniper/signal_sniper.py:767 |
| MEDIUM | Suspicious import: urllib.request | Import of `urllib.request` detected. This module provides network or low-level system access. | Verify this import is necessary. Network and system modules in skill code may indicate data exfiltration. | Static | skills/adlai88/simmer-signalsniper/scripts/status.py:16 |
| MEDIUM | Suspicious import: urllib.request | Import of `urllib.request` detected. This module provides network or low-level system access. | Verify this import is necessary. Network and system modules in skill code may indicate data exfiltration. | Static | skills/adlai88/simmer-signalsniper/signal_sniper.py:29 |
| MEDIUM | Potential Server-Side Request Forgery (SSRF) in RSS feed fetching | The skill fetches RSS feeds from URLs supplied via the `SIMMER_SNIPER_FEEDS` environment variable or `config.json`. The only check is that a URL starts with `http://` or `https://`, which does not stop requests to internal network resources (e.g. `http://localhost`, `http://192.168.1.100`) reachable from wherever the skill runs. Anyone who controls a `feed_url` could use this to probe or interact with internal services. | Implement a more robust SSRF protection mechanism: (1) validate that the IP address the hostname resolves to is not in a private range (RFC 1918, loopback); or (2) use a library with built-in SSRF protection; or (3) allowlist the domains permitted as RSS feeds. | LLM | signal_sniper.py:194 |
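The first recommendation for the SSRF finding, carried through in code. This is an added example, not code from simmer-signalsniper or from SkillShield: a feed-URL validator that resolves the host and rejects anything that is not a public address, placed beside a stand-in for the prefix check the report describes. Host names, addresses and the allowlist are constructed for illustration; `resolve_host` is the real resolver and is swapped for `fake_resolver` so the example runs offline.

```python
"""
Feed URL validation that resolves the host and rejects non-public addresses.
Added example for this report; not code from simmer-signalsniper. The host
names, addresses and allowlist below are constructed for illustration.
"""
import ipaddress
import socket
from urllib.parse import urlparse


def naive_check(url: str) -> bool:
    """Stand-in for the prefix check the report describes (not the skill's
    own code): it accepts any http(s) URL, internal targets included."""
    return url.startswith(("http://", "https://"))


class UnsafeFeedURL(ValueError):
    """Raised when a feed URL must not be fetched."""


def resolve_host(host: str) -> list:
    """Resolve every A/AAAA record for host (real DNS; replaced in tests)."""
    infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    return [ipaddress.ip_address(info[4][0]) for info in infos]


def _is_public(ip) -> bool:
    # Unwrap IPv4-mapped IPv6 (::ffff:10.0.0.5) so the IPv4 rules apply.
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    # is_global excludes loopback, RFC 1918, link-local (169.254/16, where
    # cloud metadata services live), CGNAT and reserved space; multicast is
    # not covered by it, so reject that explicitly.
    return ip.is_global and not ip.is_multicast


def validate_feed_url(url: str, *, allowed_hosts=None, resolver=resolve_host) -> list:
    """Return the public addresses the URL's host resolves to, or raise UnsafeFeedURL.

    Checks, in order: scheme, no embedded credentials, host present, optional
    host allowlist, then every resolved address must be public. Callers that
    want to close the DNS-rebinding window should connect to one of the
    returned addresses instead of resolving the name a second time.
    """
    parsed = urlparse(url)
    if parsed.scheme not in ("http", "https"):
        raise UnsafeFeedURL(f"scheme not allowed: {parsed.scheme!r}")
    if parsed.username is not None or parsed.password is not None:
        raise UnsafeFeedURL("credentials in URL are not allowed")
    host = parsed.hostname
    if not host:
        raise UnsafeFeedURL("URL has no host")
    if allowed_hosts is not None and host.lower() not in allowed_hosts:
        raise UnsafeFeedURL(f"host not in allowlist: {host}")
    try:
        addrs = [ipaddress.ip_address(host)]   # literal IP in the URL
    except ValueError:
        addrs = resolver(host)                 # DNS name
    if not addrs:
        raise UnsafeFeedURL(f"host does not resolve: {host}")
    for ip in addrs:
        if not _is_public(ip):
            raise UnsafeFeedURL(f"{host} resolves to non-public address {ip}")
    return addrs


def is_safe_feed_url(url: str, **kwargs) -> bool:
    """Boolean wrapper around validate_feed_url for callers that want yes/no."""
    try:
        validate_feed_url(url, **kwargs)
        return True
    except UnsafeFeedURL:
        return False


# Constructed DNS fixture so the example runs offline; real code uses resolve_host.
FAKE_DNS = {
    "feeds.example.com": ["93.184.216.34"],
    "evil.example.net": ["93.184.216.34", "10.0.0.5"],  # one public, one private
    "metadata.example": ["169.254.169.254"],
}


def fake_resolver(host: str) -> list:
    return [ipaddress.ip_address(a) for a in FAKE_DNS.get(host, [])]


if __name__ == "__main__":
    for url in ["http://feeds.example.com/rss", "http://localhost/rss",
                "http://192.168.1.100/rss", "http://evil.example.net/rss",
                "http://metadata.example/latest", "ftp://feeds.example.com/rss"]:
        print(f"{url:40} naive={naive_check(url)!s:5} "
              f"safe={is_safe_feed_url(url, resolver=fake_resolver)}")
```

Two things this check alone does not cover. It is a point-in-time resolution, so a name that answers with a public address now and a private one a moment later (DNS rebinding) gets through unless the caller connects to the address that was validated. And `urllib.request.urlopen` follows HTTP redirects by default, so a feed URL on a permitted public host that redirects to `http://169.254.169.254/` reaches the internal target unless each redirect location is run through the same validation.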
Full report: https://skillshield.io/report/cfbc16cff48bd407