Trust Assessment
trend-watcher received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 4 findings: 0 critical, 1 high, 3 medium, and 0 low severity. Key findings include Unsafe deserialization / dynamic eval, Missing required field: name, Arbitrary File Write via User-Controlled Path.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (4)

| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Arbitrary File Write via User-Controlled Path | LLM | index.js:7 |
| MEDIUM | Unsafe deserialization / dynamic eval (decryption followed by code execution) | Manifest | skills/guogang1024/trend-watcher/index.js:153 |
| MEDIUM | Unsafe deserialization / dynamic eval (decryption followed by code execution) | Manifest | skills/guogang1024/trend-watcher/index.js:159 |
| MEDIUM | Missing required field: name | Static | skills/guogang1024/trend-watcher/SKILL.md:1 |

HIGH: Arbitrary File Write via User-Controlled Path (LLM layer, index.js:7)

Description: The skill's `SKILL.md` documentation explicitly defines a `--bookmark` option (`-b`) described as 'File to save interesting projects'. The `index.js` file imports the `fs` module, indicating file system write capabilities. If the value provided to the `--bookmark` option is used directly as a file path for writing without proper sanitization or validation, it could lead to arbitrary file writes. An attacker could specify paths outside the intended workspace (e.g., `../../../../etc/passwd` or `/root/.ssh/id_rsa`) to overwrite or append to sensitive system files, potentially leading to data corruption, denial of service, or privilege escalation if the agent has sufficient permissions.

Remediation:
1. **Path Validation**: Restrict the `bookmark` file path to a designated, sandboxed directory (e.g., `this.workspacePath`). Ensure that path traversal sequences (e.g., `../`) are strictly disallowed.
2. **Sanitization**: Sanitize user-provided file names to prevent injection of special characters or absolute paths.
3. **Permissions**: Run the skill with the principle of least privilege, minimizing file system write permissions to only what is strictly necessary.
4. **Confirmation**: For sensitive file operations, consider prompting the user for explicit confirmation before proceeding with the write.

MEDIUM: Unsafe deserialization / dynamic eval (Manifest layer, skills/guogang1024/trend-watcher/index.js:153 and index.js:159)

Description: Decryption followed by code execution.

Remediation: Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions.

MEDIUM: Missing required field: name (Static layer, skills/guogang1024/trend-watcher/SKILL.md:1)

Description: The 'name' field is required for claude_code skills but is missing from the frontmatter.

Remediation: Add a 'name' field to the SKILL.md frontmatter.