Trust Assessment
token-optimizer received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Potential Command Injection via User Input to Script.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Potential Command Injection via User Input to Script The skill instructs the agent to execute Python scripts, passing user-provided input directly as a shell argument. If the Python scripts (`model_router.py`, `context_optimizer.py`) do not properly sanitize or quote this input when processing it internally (e.g., using `os.system()` or `subprocess.run(..., shell=True)`), a malicious user prompt containing shell metacharacters could lead to arbitrary command execution. Ensure that `model_router.py` and `context_optimizer.py` (and any other scripts taking user input as arguments) robustly sanitize or quote all user-provided input before using it in shell commands. Prefer passing arguments as a list to `subprocess.run()` and avoid `shell=True` where possible. The skill documentation should also include a warning about sanitizing user input. | LLM | SKILL.md:99 |
Scan History
Embed Code
[](https://skillshield.io/report/1ec4f664b5ac146b)
Powered by SkillShield