Security Audit

azure-ai-contentsafety-py

github.com/sickn33/antigravity-awesome-skills

AI SkillCommit e36d6fd3b3f6

CAUTION

Scanned about 2 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

azure-ai-contentsafety-py received a trust score of 56/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.

SkillShield's automated analysis identified 2 findings: 0 critical, 0 high, 2 medium, and 0 low severity. Key findings include Unpinned Dependency in Manifest, Potential Local File Access for Image Analysis.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 20, 2026 (commit e36d6fd3). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

86%

Dependency Graph

100%

LLM Behavioral Safety

100%

Behavioral Risk Signals

Filesystem Write

1 finding

Excessive Permissions

1 finding

Security Findings2

Severity	Finding	Layer	Location
MEDIUM	Unpinned Dependency in Manifest The skill's manifest specifies a dependency on 'azure-ai-contentsafety' without a pinned version. This introduces a supply chain risk, as future versions of the package could introduce vulnerabilities, breaking changes, or malicious code without explicit review. It's best practice to pin dependencies to specific versions to ensure reproducibility and security. Pin the 'azure-ai-contentsafety' dependency to a specific version (e.g., 'azure-ai-contentsafety==X.Y.Z') in the skill's manifest or equivalent dependency declaration.	Static	Manifest:1
MEDIUM	Potential Local File Access for Image Analysis The 'Analyze Image' example demonstrates reading a local file ('image.jpg') using `with open("image.jpg", "rb") as f:`. If the skill is implemented by an agent that allows user-controlled input for file paths, this could lead to arbitrary local file reading, potentially exposing sensitive data or allowing data exfiltration if the agent has filesystem access. While the example uses a hardcoded filename, it showcases a capability that could be exploited. If local file access is not a core requirement for the skill, remove or modify this example to only use image data from URLs or direct byte streams. If local file access is necessary, ensure that any file paths provided by untrusted input are strictly validated and sanitized to prevent directory traversal attacks or access to unauthorized files.	Static	SKILL.md:60

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/dbfe6da7165d0722.svg)](https://skillshield.io/report/dbfe6da7165d0722)