Trust Assessment
text-preserve received a trust score of 82/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 4 findings: 0 critical, 0 high, 2 medium, and 2 low severity. Key findings include Unpinned npm dependency version, Node lockfile missing, Direct shell command execution during setup.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings4
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Unpinned npm dependency version Dependency 'canvas' is not pinned to an exact version ('^3.1.0'). Pin dependencies to exact versions to reduce drift and supply-chain risk. | Dependencies | skills/wonyoung-huh/nano-banana-korean-rendering/package.json | |
| MEDIUM | Direct shell command execution during setup The `setup.mjs` script uses `child_process.execSync` to run `npm install`. While the command itself is fixed and executed within the skill's directory (`cwd: __dirname`), direct shell execution is a powerful primitive. If the `package.json` file or any of its dependencies were compromised (e.g., via a malicious `postinstall` script), this could lead to arbitrary code execution during the skill's setup phase. This represents a supply chain risk vector. Avoid direct shell execution for dependency management if possible. If necessary, ensure `package.json` and its dependencies are thoroughly vetted. Consider running `npm install` in a more isolated or sandboxed environment. For AI skills, pre-installing dependencies in the skill's container image is often preferred over runtime installation. | LLM | setup.mjs:90 | |
| LOW | Node lockfile missing package.json is present but no lockfile was found (package-lock.json, pnpm-lock.yaml, or yarn.lock). Commit a lockfile for deterministic dependency resolution. | Dependencies | skills/wonyoung-huh/nano-banana-korean-rendering/package.json | |
| LOW | Unpinned major version dependencies The `package.json` specifies dependencies with caret (`^`) ranges (e.g., `"canvas": "^3.1.0"` and `"@google/generative-ai": "^0.21.0"`). This allows minor and patch updates automatically. While common, it introduces a slight supply chain risk as a malicious update in a minor or patch version could be pulled in without explicit review, potentially introducing vulnerabilities or breaking changes. Pin dependencies to exact versions (e.g., `"canvas": "3.1.0"`) to ensure reproducible builds and prevent unexpected changes from upstream packages. Regularly audit and update dependencies. | LLM | package.json:11 |
Scan History
Embed Code
[](https://skillshield.io/report/5508714d26342a73)
Powered by SkillShield