Security Audit

hybrid-cloud-networking

github.com/sickn33/antigravity-awesome-skills

AI SkillCommit e36d6fd3b3f6

TRUSTED

Scanned 2 days ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

hybrid-cloud-networking received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.

SkillShield's automated analysis identified 2 findings: 0 critical, 0 high, 2 medium, and 0 low severity. Key findings include Potential Command Injection via Suggested Troubleshooting Commands, Potential Data Exfiltration via Diagnostic Commands.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 20, 2026 (commit e36d6fd3). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

86%

Behavioral Risk Signals

Network Access

2 findings

Shell Execution

2 findings

Dynamic Code

1 finding

Security Findings2

Severity	Finding	Layer	Location
MEDIUM	Potential Command Injection via Suggested Troubleshooting Commands The skill provides shell commands (`aws ec2 describe-vpn-connections`, `az network vpn-connection show`) within markdown code blocks for troubleshooting. If the host LLM is configured to execute shell commands based on user prompts or its own interpretation, these commands could be used for command injection, potentially leading to unintended actions or information disclosure in the execution environment. If execution is intended, ensure the execution environment is strictly sandboxed and commands are validated against an allow-list. Consider rephrasing these as 'User should run these commands in their terminal' rather than presenting them as directly executable by the LLM. Implement strict output filtering to prevent sensitive information from being returned.	LLM	SKILL.md:206
MEDIUM	Potential Data Exfiltration via Diagnostic Commands The skill suggests running diagnostic shell commands (`aws ec2 describe-vpn-connections`, `az network vpn-connection show`). If the host LLM executes these commands and returns their output to an untrusted user, sensitive configuration details about the user's AWS or Azure VPN connections could be exfiltrated. Ensure the LLM's execution environment prevents the return of sensitive command output to untrusted parties. Implement strict output sanitization and filtering. Instruct the LLM to only provide summaries or anonymized results if execution is necessary.	LLM	SKILL.md:206

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/c2b491e30a7a8d6c.svg)](https://skillshield.io/report/c2b491e30a7a8d6c)