Security Audit
azure-ai-contentsafety-ts
github.com/sickn33/antigravity-awesome-skillsTrust Assessment
azure-ai-contentsafety-ts received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Filesystem access via readFileSync.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit e36d6fd3). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Filesystem access via readFileSync The skill documentation demonstrates the use of `node:fs.readFileSync` to access the local filesystem. While the example uses a hardcoded relative path (`./image.png`), the inclusion of this function indicates that the skill, or code generated based on this skill, might interact with the local filesystem. Granting an AI agent direct filesystem access can lead to excessive permissions, potentially allowing unauthorized reading or writing of files if not properly sandboxed or if user-controlled paths are introduced. If filesystem access is not strictly necessary for the core functionality of the skill, remove examples demonstrating `node:fs` usage. If it is necessary, ensure that any file paths are strictly validated and sanitized, and consider implementing robust sandboxing or access controls to limit the scope of filesystem operations. Avoid allowing user-controlled file paths without strict validation. | LLM | SKILL.md:69 |
Scan History
Embed Code
[](https://skillshield.io/report/4dee7ab8b5dbde13)
Powered by SkillShield