Trust Assessment
wifi-diagnostics received a trust score of 79/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 3 findings: 0 critical, 1 high, 1 medium, and 0 low severity. Key findings include Missing required field: name, Skill requires `sudo` for core functionality, External data transfer for speed tests.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Skill requires `sudo` for core functionality The skill explicitly states that some commands, specifically for wireless scanning (`nmcli dev wifi list` on line 32), require `sudo` privileges. If an AI agent executes this skill, it would need to be granted `sudo` access, which represents a significant elevation of privileges and a potential security risk if not properly managed or sandboxed. Granting `sudo` to an automated agent can lead to arbitrary command execution with root permissions. 1. **Isolate Execution**: Execute `sudo` commands in a highly restricted, ephemeral environment. 2. **Least Privilege**: Only grant `sudo` for the absolute minimum necessary commands (e.g., `sudo nmcli dev wifi list`) rather than blanket `sudo` access. 3. **User Confirmation**: Require explicit user confirmation before executing any `sudo` command. 4. **Alternative Methods**: Explore non-sudo alternatives if available, or clarify the exact scope of `sudo` needed. | LLM | SKILL.md:12 | |
| MEDIUM | Missing required field: name The 'name' field is required for claude_code skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | skills/sa9saq/wifi-diagnostics/SKILL.md:1 | |
| INFO | External data transfer for speed tests The skill uses `curl` to perform speed tests by communicating with `https://speed.cloudflare.com`. While this is an intended diagnostic function and explicitly mentioned in the 'Security' section of the skill, it involves sending data (including connection metadata and dummy upload data) to an external third-party server. This constitutes external data transfer, which could be a concern depending on the user's privacy requirements or network policies. 1. **Transparency**: Ensure users are fully aware of all external data transfers. 2. **User Consent**: Obtain explicit user consent before initiating external data transfers. 3. **Data Minimization**: Only send data strictly necessary for the diagnostic purpose. 4. **Configurability**: Provide options for users to disable or configure alternative speed test endpoints if privacy is a major concern. | LLM | SKILL.md:42 |
Scan History
Embed Code
[](https://skillshield.io/report/6f5018f933d13134)
Powered by SkillShield