Trust Assessment
The `subtitles` skill received a trust score of 10/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 7 findings: 6 critical, 1 high, 0 medium, and 0 low severity. Key findings include persistence / self-modification instructions and potential command injection via user input in shell commands.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The Manifest Analysis layer scored lowest at 0/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (7)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Persistence / self-modification instructions: Shell RC file modification for persistence. Remove any persistence mechanisms. Skills should not modify system startup configurations, crontabs, LaunchAgents, systemd services, or shell profiles. | Manifest | skills/therohitdas/subtitles/scripts/tapi-auth.js:467 |
| CRITICAL | Persistence / self-modification instructions: Shell RC file modification for persistence. Remove any persistence mechanisms. Skills should not modify system startup configurations, crontabs, LaunchAgents, systemd services, or shell profiles. | Manifest | skills/therohitdas/subtitles/scripts/tapi-auth.js:468 |
| CRITICAL | Persistence / self-modification instructions: Shell RC file modification for persistence. Remove any persistence mechanisms. Skills should not modify system startup configurations, crontabs, LaunchAgents, systemd services, or shell profiles. | Manifest | skills/therohitdas/subtitles/scripts/tapi-auth.js:472 |
| CRITICAL | Persistence / self-modification instructions: Shell RC file modification for persistence. Remove any persistence mechanisms. Skills should not modify system startup configurations, crontabs, LaunchAgents, systemd services, or shell profiles. | Manifest | skills/therohitdas/subtitles/scripts/tapi-auth.js:473 |
| CRITICAL | Persistence / self-modification instructions: Shell RC file modification for persistence. Remove any persistence mechanisms. Skills should not modify system startup configurations, crontabs, LaunchAgents, systemd services, or shell profiles. | Manifest | skills/therohitdas/subtitles/scripts/tapi-auth.js:581 |
| CRITICAL | Persistence / self-modification instructions: Shell RC file modification for persistence. Remove any persistence mechanisms. Skills should not modify system startup configurations, crontabs, LaunchAgents, systemd services, or shell profiles. | Manifest | skills/therohitdas/subtitles/scripts/tapi-auth.js:688 |
| HIGH | Potential Command Injection via User Input in Shell Commands: The skill's setup instructions involve executing `node` commands with user-provided input (email, session token, OTP). If the LLM agent directly interpolates this user input into a shell command without proper sanitization or escaping, a malicious user could inject arbitrary shell commands. For example, providing an email like `attacker@example.com; rm -rf /` could lead to the execution of `rm -rf /` on the host system. The LLM agent should ensure all user-provided inputs are properly escaped or sanitized before being passed as arguments to shell commands. For Node.js scripts, consider using `child_process.spawn` with arguments passed as an array to prevent shell interpretation, or implement robust input validation and escaping. | LLM | SKILL.md:14 |