Trust Assessment
yandex-calendar received a trust score of 58/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 5 findings: 4 critical, 0 high, 1 medium, and 0 low severity. Key findings include "Missing required field: name", "Command Injection via unsanitized user input", and "Command Injection via unsanitized user input in bot instructions".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 0/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (5)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | **Command Injection via unsanitized user input.** The skill constructs shell commands by directly embedding user-provided input (e.g., event name, search query) without proper sanitization. A malicious user could inject arbitrary shell commands by including shell metacharacters (e.g., `;`, `|`, `&`, `$(...)`) in their input, leading to arbitrary code execution on the host system. All user-provided input must be strictly sanitized or escaped before being passed to shell commands. Ideally, use a command execution mechanism that accepts arguments as a list (e.g., `subprocess.run(['khal', 'new', date_time, duration, title])` in Python) instead of constructing a single shell string. If shell string construction is unavoidable, ensure all user input is escaped to prevent shell metacharacter interpretation. | LLM | SKILL.md:20 |
| CRITICAL | **Command Injection via unsanitized user input.** The skill constructs shell commands by directly embedding user-provided input (e.g., event name, search query) without proper sanitization. A malicious user could inject arbitrary shell commands by including shell metacharacters (e.g., `;`, `|`, `&`, `$(...)`) in their input, leading to arbitrary code execution on the host system. All user-provided input must be strictly sanitized or escaped before being passed to shell commands. Ideally, use a command execution mechanism that accepts arguments as a list (e.g., `subprocess.run(['khal', 'search', query])` in Python) instead of constructing a single shell string. If shell string construction is unavoidable, ensure all user input is escaped to prevent shell metacharacter interpretation. | LLM | SKILL.md:29 |
| CRITICAL | **Command Injection via unsanitized user input in bot instructions.** The instructions for the bot explicitly define commands that embed user input directly into shell commands without sanitization. This allows command injection if the agent executes these commands as described. For example, if 'НАЗВАНИЕ' contains shell metacharacters, it could lead to arbitrary code execution. The skill definition should explicitly instruct the AI agent to sanitize or escape all user-provided input before constructing and executing shell commands. The platform executing the skill should also enforce secure command execution practices, such as using argument lists instead of raw shell strings. | LLM | SKILL.md:44 |
| CRITICAL | **Command Injection via unsanitized user input in bot instructions.** The instructions for the bot explicitly define commands that embed user input directly into shell commands without sanitization. This allows command injection if the agent executes these commands as described. For example, if 'тема' contains shell metacharacters, it could lead to arbitrary code execution. The skill definition should explicitly instruct the AI agent to sanitize or escape all user-provided input before constructing and executing shell commands. The platform executing the skill should also enforce secure command execution practices, such as using argument lists instead of raw shell strings. | LLM | SKILL.md:49 |
| MEDIUM | **Missing required field: name.** The 'name' field is required for claude_code skills but is missing from the frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | skills/gbroccoli/yandex-calendar/SKILL.md:1 |
Full report: https://skillshield.io/report/fc8f4271abc9573b (powered by SkillShield)