Trust Assessment
app-builder received a trust score of 42/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 1 finding: 1 critical, 0 high, 0 medium, and 0 low severity. The key finding is "Excessive permissions declared, including arbitrary Bash execution".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit e36d6fd3). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Excessive permissions declared, including arbitrary Bash execution. The skill declares broad permissions including `Read`, `Write`, `Edit`, `Glob`, `Grep`, and critically, `Bash`. The `Bash` tool allows for arbitrary command execution, which, when combined with full filesystem access, presents a severe security risk. A malicious user could exploit this to execute arbitrary commands, exfiltrate data, delete files, or install malware on the host system. While an 'app builder' skill may require command execution, the blanket `Bash` permission without explicit sandboxing or robust input validation mechanisms is highly dangerous. Implement stricter permission controls. If `Bash` is absolutely necessary, ensure all commands executed are strictly validated and sanitized, or run within a highly sandboxed environment with minimal privileges. Consider using more granular tools instead of raw `Bash` where possible (e.g., specific file system operations instead of `Bash` for file manipulation). Restrict filesystem access to only necessary directories. | LLM | SKILL.md:1 |