Trust Assessment
walkie-talkie received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Potential Command Injection via external tool execution.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Potential Command Injection via external tool execution The skill explicitly uses external shell scripts and executables (`tools/transcribe_voice.sh`, `bin/sherpa-onnx-tts`) to process user-derived content. The `SKILL.md` shows an example where the LLM's generated response (which is based on user input) is passed as a string argument to `bin/sherpa-onnx-tts`. If this input is not properly sanitized or escaped before being passed to the shell command, an attacker could inject arbitrary shell commands. For instance, if the LLM generates `'; rm -rf /'` as part of the message, it could be executed, leading to arbitrary code execution or data exfiltration. Ensure all user-derived input passed to shell commands is rigorously sanitized and properly escaped. When executing external commands, prefer using methods that avoid direct shell interpretation of arguments (e.g., `subprocess.run(..., shell=False)` in Python, passing arguments as a list). Review the implementation of `tools/transcribe_voice.sh` and `bin/sherpa-onnx-tts` to ensure they handle untrusted input securely. | LLM | SKILL.md:30 |
Scan History
Embed Code
[](https://skillshield.io/report/9bb6696e7def9ef6)
Powered by SkillShield