Trust Assessment
zeruai received a trust score of 83/100, placing it in the Mostly Trusted category: the skill passed most security checks, with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 0 medium, and 1 low severity. Key findings: Arbitrary File Read via --json flag (high) and Node lockfile missing (low).
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 12, 2026 (commit 9c1b8e80). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Arbitrary File Read via --json flag: the `cmdRegister` function in `scripts/zeru.ts` uses `fs.readFileSync` to read a JSON file whose path is taken directly from the `--json` flag, without validation or sanitization. An attacker could supply the path of an arbitrary file (e.g., `--json /etc/passwd` or `--json ../../../.env`) and have its contents read, leading to data exfiltration. Recommendation: implement strict validation and sanitization for the `jsonFile` path; restrict file access to a designated, sandboxed directory; reject directory traversal (`..`) and absolute paths outside the intended scope; if the skill must read user-provided files, ensure they are placed in a secure, temporary, and isolated location. | LLM | scripts/zeru.ts:80 |
| LOW | Node lockfile missing: package.json is present but no lockfile was found (package-lock.json, pnpm-lock.yaml, or yarn.lock). Commit a lockfile for deterministic dependency resolution. | Dependencies | skills/elitex45/zeruai/package.json |
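The following TypeScript is an added illustration of the HIGH finding and of the remediation it recommends; it is not the project's `cmdRegister` code, and the function names, the temp-directory layout and the sample JSON files are constructed for the demonstration. `readJsonUnsafe` reproduces the described pattern (user-supplied path straight into `fs.readFileSync`). `resolveAllowedJsonPath` applies the recommended controls and adds two checks a practitioner would want that the finding does not spell out: the containment test compares against `fs.realpathSync` output so a symlink planted inside the allowed directory cannot point outside it, and the prefix test includes the path separator so `/allowed-evil` is not mistaken for a child of `/allowed`. Whether the contents of a non-JSON file such as `/etc/passwd` would actually be surfaced depends on how the parse error is reported, which the finding does not state; the example therefore leaks a constructed JSON secret.

```typescript
import * as fs from "node:fs";
import * as os from "node:os";
import * as path from "node:path";

// Pattern the finding describes, reconstructed for illustration only (not the
// project's actual code): the --json value is read with no validation at all.
function readJsonUnsafe(jsonFile: string): unknown {
  return JSON.parse(fs.readFileSync(jsonFile, "utf8"));
}

class PathRejected extends Error {
  constructor(message: string) {
    super(message);
    Object.setPrototypeOf(this, PathRejected.prototype); // keep instanceof working
  }
}

// Hardened variant: the caller fixes an allowed directory, and the user-supplied
// value may only name an existing .json file inside it.
function resolveAllowedJsonPath(allowedDir: string, userPath: string): string {
  if (path.isAbsolute(userPath)) {
    throw new PathRejected(`absolute paths are not allowed: ${userPath}`);
  }
  if (path.extname(userPath) !== ".json") {
    throw new PathRejected(`only .json files are allowed: ${userPath}`);
  }
  // realpath on both sides: a symlink inside the allowed directory that points
  // outside it is caught here, not only lexical "../" traversal.
  const base = fs.realpathSync(allowedDir);
  const candidate = path.resolve(base, userPath);
  let real: string;
  try {
    real = fs.realpathSync(candidate);
  } catch {
    throw new PathRejected(`file does not exist: ${userPath}`);
  }
  // Trailing separator matters: "/allowed-evil" must not pass as inside "/allowed".
  if (!real.startsWith(base + path.sep)) {
    throw new PathRejected(`path escapes the allowed directory: ${userPath}`);
  }
  return real;
}

function readJsonFromAllowedDir(allowedDir: string, userPath: string): unknown {
  return JSON.parse(fs.readFileSync(resolveAllowedJsonPath(allowedDir, userPath), "utf8"));
}

// Self-contained demonstration on a constructed temp layout:
//   <tmp>/allowed/registration.json            legitimate input
//   <tmp>/allowed/link.json -> <tmp>/secret.json symlink escaping the directory
//   <tmp>/secret.json                          what an attacker wants to read
function demo(): { unsafeLeaks: boolean; safeOk: string; rejected: string[] } {
  const tmp = fs.mkdtempSync(path.join(os.tmpdir(), "zeru-json-"));
  const allowed = path.join(tmp, "allowed");
  fs.mkdirSync(allowed);
  const secret = path.join(tmp, "secret.json");
  fs.writeFileSync(secret, JSON.stringify({ token: "constructed-secret" }));
  fs.writeFileSync(path.join(allowed, "registration.json"), JSON.stringify({ name: "demo-skill" }));
  fs.symlinkSync(secret, path.join(allowed, "link.json"));

  // The unchecked reader follows an attacker-controlled absolute path.
  const leaked = readJsonUnsafe(secret) as { token: string };
  const unsafeLeaks = leaked.token === "constructed-secret";

  // The hardened reader still serves the legitimate file ...
  const safeOk = (readJsonFromAllowedDir(allowed, "registration.json") as { name: string }).name;

  // ... and rejects absolute paths, traversal, escaping symlinks, wrong extensions, missing files.
  const attempts = [secret, "../secret.json", "link.json", "registration.txt", "missing.json"];
  const rejected: string[] = [];
  for (const attempt of attempts) {
    try {
      readJsonFromAllowedDir(allowed, attempt);
    } catch (e) {
      if (e instanceof PathRejected) rejected.push(attempt);
    }
  }
  fs.rmSync(tmp, { recursive: true, force: true });
  return { unsafeLeaks, safeOk, rejected };
}
```

Running `demo()` shows the unchecked reader returning the constructed secret while every one of the five hostile inputs is refused before `fs.readFileSync` is reached. If the skill genuinely needs to accept files from anywhere, the finding's last recommendation applies instead: copy the input into an isolated temporary directory first and validate against that directory rather than the caller's original path.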
Report: https://skillshield.io/report/0402de1ac0f6e5d3
Powered by SkillShield