Trust Assessment
soulstamp received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Skill uses direct shell commands for file operations.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 12, 2026 (commit 9c1b8e80). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Skill uses direct shell commands for file operations The skill's documentation explicitly shows a `bash` command for backup (`cp SOUL.md SOUL.md.backup.$(date +%Y%m%d-%H%M%S)`) and describes commands like `soulstamp restore` and `soulstamp diff` which inherently involve file system operations. These operations are often implemented via direct shell command execution. If the skill's underlying implementation passes unsanitized user input (e.g., filenames, paths, or other arguments) to these shell commands, it could lead to arbitrary command injection, allowing an attacker to execute malicious code on the host system. Implement file operations using secure, language-native APIs (e.g., Python's `shutil` module, Node.js `fs` module) instead of direct shell execution. If shell execution is unavoidable, ensure all user-provided input is strictly validated and sanitized, or passed as arguments to the command using mechanisms that prevent shell interpretation (e.g., `subprocess.run(..., shell=False)`). | LLM | SKILL.md:50 |
Scan History
Embed Code
[](https://skillshield.io/report/02b93b5dfa936e3b)
Powered by SkillShield