Trust Assessment
terabox-link-extractor received a trust score of 72/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 1 finding (1 critical, 0 high, 0 medium, 0 low): Arbitrary File Write via Untrusted Filename.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Arbitrary File Write via Untrusted Filename. The skill downloads files using a filename (`file.name`) taken verbatim from an untrusted external API response (`xapiverse.com`) and builds the destination as `const dest = path.join(outDir, fileName);`. Node.js's `path.join()` only concatenates and normalizes its arguments, so a name containing parent-directory segments (e.g. `../../etc/cron.d/job`) is normalized to a path outside `outDir`, bypassing the intended restriction. (An absolute path as the second argument, such as `/etc/passwd`, is appended beneath `outDir` rather than honoured, e.g. `/srv/downloads/etc/passwd`; the `..` segments are the practical escape.) An attacker who controls the API response can therefore write files to arbitrary locations writable by the skill's user, leading to potential system compromise or data corruption. Remediation: sanitize `fileName` with `path.basename()` so that only the base name, with no path separators, reaches `path.join()`: change `const dest = path.join(outDir, fileName);` to `const dest = path.join(outDir, path.basename(fileName));`. Note that `path.basename()` passes `.`, `..` and the empty string through unchanged, so reject those as well, and verify after `path.resolve()` that the destination still lies inside `outDir`. | LLM | scripts/extract.js:140 |
Full report: https://skillshield.io/report/7c394b3765eff230
Powered by SkillShield