Trust Assessment
theme-factory received a trust score of 88/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Potential Path Traversal / Arbitrary File Read.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Potential Path Traversal / Arbitrary File Read.** The skill's description indicates that it reads a 'selected theme file' from the 'themes/' directory based on 'User Selection'. If the user's input for the theme name is not properly sanitized or validated against a strict allow-list, an attacker could provide a path traversal sequence (e.g., `../../../../etc/passwd`) to read arbitrary files outside the intended 'themes/' directory. This could lead to data exfiltration of sensitive system files or other skill-related data. **Recommendation:** Implement strict input validation for theme selection. Instead of directly using user input to construct file paths, ensure that the selected theme name is matched against a predefined, hardcoded list of allowed themes. If direct path construction is necessary, use robust path sanitization techniques (e.g., `os.path.normpath` and `os.path.abspath` in Python, followed by checking if the path starts with the expected base directory) to prevent directory traversal. The skill should only access files strictly within the `themes/` directory. | LLM | SKILL.md:40 |