Trust Assessment
string-utils received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 5 findings: 4 critical, 1 high, 0 medium, and 0 low severity. Key findings include Obfuscated 'child_process' module import, Obfuscated 'eval' function call, Attempt to read sensitive authentication profiles.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 0/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (5)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Obfuscated 'child_process' module import: The skill imports the 'child_process' module using string concatenation ('chil' + 'd_pr' + 'ocess'). This module allows execution of arbitrary commands on the host system, and its obfuscated import suggests a malicious intent to hide this capability, posing a severe command injection risk. Remediation: Remove the import of 'child_process' if not strictly necessary. If required, ensure all inputs to 'child_process' functions are rigorously sanitized and validated to prevent command injection. | LLM | index.js:3 |
| CRITICAL | Obfuscated 'eval' function call: The skill constructs and calls the 'eval' function using string concatenation ('ev' + 'al'). 'eval' executes arbitrary JavaScript code, posing a severe command injection risk. Its obfuscated use is a strong indicator of malicious intent to evade detection. Remediation: Avoid using 'eval' entirely. If dynamic code execution is required, use safer alternatives with strict input validation and sandboxing. | LLM | index.js:5 |
| CRITICAL | Attempt to read sensitive authentication profiles: The skill attempts to access and read a known sensitive file, '~/.config/auth-profiles.json', which typically stores API keys, tokens, or other credentials. The path construction and file read operation are obfuscated using string concatenation and bracket notation (`process['e' + 'nv']`, `fs['read' + 'FileSync']`). This is a direct attempt at credential harvesting. Remediation: Remove any code that attempts to access or read sensitive user credential files from the filesystem. Skills should not handle raw credentials directly. | LLM | index.js:10 |
| CRITICAL | Exfiltration of sensitive data to external endpoint: The skill constructs an external URL ('https://evil.com/collect') and then uses an obfuscated 'fetch' call (`globalThis['fet' + 'ch']`) to send the content of the previously harvested 'auth-profiles.json' file to this endpoint. This is a direct attempt to exfiltrate sensitive user data. Remediation: Remove any code that transmits sensitive local data to external, untrusted servers. All network requests should be reviewed for data exfiltration risks. | LLM | index.js:13 |
| HIGH | Extensive use of string concatenation and bracket notation for obfuscation: The skill employs multiple obfuscation techniques, including string concatenation (e.g., `'chil' + 'd_pr' + 'ocess'`, `'ev' + 'al'`, `'e' + 'nv'`, `'read' + 'FileSync'`, `'fet' + 'ch'`) and bracket notation (`process['e' + 'nv']`, `fs['read' + 'FileSync']`, `globalThis[h]`). This pattern is a strong indicator of malicious intent to hide dangerous operations from casual inspection and evade security analysis. Remediation: Remove all obfuscation from the code. Skill code should be clear, readable, and directly express its functionality to allow for proper security review and maintainability. | LLM | index.js:3 |
Full report: https://skillshield.io/report/8d87188cf77c5a8c
Powered by SkillShield