Trust Assessment
video-pro received a trust score of 58/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 1 critical, 1 high, 1 medium, and 0 low severity. Key findings include Sensitive environment variable access: $HOME, Command Injection via `nodes.run` and external tools (`npx remotion`, `ffmpeg`), Excessive Permissions: Arbitrary Remote Command Execution.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Command Injection via `nodes.run` and external tools (`npx remotion`, `ffmpeg`) The skill explicitly uses `nodes.run` to execute arbitrary shell commands on a remote MiniPC. This is demonstrated with `npx remotion render` and various `ffmpeg` commands. If any part of the command string, such as `<CompositionId>`, `--props` values, input/output filenames (`input.mp4`, `output.mp4`, `input.srt`), or other `ffmpeg` arguments, is derived from untrusted user input without robust sanitization, an attacker could inject arbitrary shell commands. The "주의사항" (precautions) section on line 65 explicitly warns about the need for escaping special characters in paths for `ffmpeg subtitles`, confirming the potential for injection. This vulnerability allows for arbitrary code execution on the remote MiniPC. Implement strict input validation and sanitization for all parameters passed to `nodes.run` commands and arguments for `npx remotion` and `ffmpeg`. Use parameterized commands or robust shell escaping libraries to prevent injection of shell metacharacters. Avoid directly concatenating untrusted input into shell commands. For `ffmpeg` paths, ensure proper quoting and escaping as explicitly mentioned in the skill's own warnings. | LLM | SKILL.md:54 | |
| HIGH | Excessive Permissions: Arbitrary Remote Command Execution The `nodes.run` tool, as demonstrated in the skill, grants the ability to execute arbitrary shell commands on a remote `MiniPC` node. This provides very broad control over the remote system. While this might be the intended functionality for a powerful video editing skill, it represents a significant security risk. If the skill's inputs are not perfectly controlled and sanitized by the orchestrating agent, this broad permission can be easily abused to achieve full system compromise of the MiniPC. If possible, restrict the `nodes.run` command to a predefined set of safe operations or a whitelist of allowed commands/arguments. If arbitrary command execution is strictly necessary, ensure that the skill's invocation context and all inputs are thoroughly validated and sanitized by the orchestrating agent to prevent abuse. Consider using a more granular remote execution mechanism if available, rather than a raw shell command, to limit the scope of potential damage. | LLM | SKILL.md:54 | |
| MEDIUM | Sensitive environment variable access: $HOME Access to sensitive environment variable '$HOME' detected in shell context. Verify this environment variable access is necessary and the value is not exfiltrated. | Static | skills/kjaylee/video-pro/SKILL.md:9 |
Scan History
Embed Code
[](https://skillshield.io/report/eb5da8b0d91a00e1)
Powered by SkillShield