Trust Assessment
pulumi-cdk-to-pulumi received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Unsafe Execution of Untrusted Code.
The analysis covered 4 layers: llm_behavioral_safety, manifest_analysis, static_code_analysis, dependency_graph. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 8, 2026 (commit 3230a42d). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Unsafe Execution of Untrusted Code The skill instructs the agent to execute `npx cdk synth` immediately after credential verification. This command executes the application logic defined in the target repository's `cdk.json` or `package.json`. If the agent is used to analyze or migrate an untrusted repository, this results in arbitrary code execution on the host environment without prior user confirmation or code inspection. Update the skill to instruct the agent to ask for explicit user confirmation before running `cdk synth`, warning that it executes code from the repository. Alternatively, instruct the agent to inspect `cdk.json` for suspicious commands before execution. | Unknown | SKILL.md:55 |
Scan History
Embed Code
[](https://skillshield.io/report/7250869e059fd4ee)
Powered by SkillShield