Trust Assessment
token-checker received a trust score of 42/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 5 findings: 1 critical, 1 high, 2 medium, and 0 low severity. Key findings include "Persistence / self-modification instructions", "Missing required field: name", and "Persistence mechanism: Crontab modification".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Persistence / self-modification instructions. Crontab manipulation (list/remove/edit). Remove any persistence mechanisms. Skills should not modify system startup configurations, crontabs, LaunchAgents, systemd services, or shell profiles. | Manifest | skills/zhangsq36/token-checker/install.sh:4 |
| HIGH | Persistence mechanism: Crontab modification. Detected Crontab modification pattern. Persistence mechanisms allow malware to survive system restarts. Review this persistence pattern. Skills should not modify system startup configuration. | Static | skills/zhangsq36/token-checker/install.sh:4 |
| MEDIUM | Missing required field: name. The 'name' field is required for claude_code skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | skills/zhangsq36/token-checker/SKILL.md:1 |
| MEDIUM | Hardcoded placeholder path in cron job. The `install.sh` script attempts to create a cron job using a hardcoded placeholder path `/path/to/check_token.sh`. This script, as provided, will not function correctly and relies on the installation mechanism (e.g., `clawdhub CLI`) to replace this path with the actual location of `check_token.sh`. If the replacement is not handled securely or fails, it could lead to a non-functional skill or, in a worst-case scenario with a flawed replacement mechanism, command injection. The `install.sh` script should dynamically determine the correct, absolute path to `check_token.sh` at installation time. For example, use `$(dirname "$0")/check_token.sh` if `install.sh` and `check_token.sh` are in the same directory, or ensure the installation system securely substitutes the placeholder. | LLM | install.sh:4 |
| INFO | Skill requires persistent execution via crontab modification. The `install.sh` script modifies the user's crontab to schedule `check_token.sh` for periodic execution. This grants the skill persistent execution capabilities on the host system. While this is required for the skill's stated purpose of checking tokens every two hours, it represents a significant permission. If the `check_token.sh` script were to be compromised or replaced with malicious code, this cron job would provide a persistent backdoor. Ensure that the `check_token.sh` script is thoroughly vetted and protected from unauthorized modification. Consider implementing integrity checks for scheduled scripts. Users should be made aware of the persistent execution nature of this skill during installation. | LLM | install.sh:4 |