Security Audit
Sounder25/Google-Antigravity-Skills-Library:02_project_rename
github.com/Sounder25/Google-Antigravity-Skills-Library
Trust Assessment
Sounder25/Google-Antigravity-Skills-Library:02_project_rename received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings (0 critical, 1 high, 0 medium, 1 low): a potential command injection via the PowerShell script's parameters (high) and a requirement for broad filesystem and Git permissions (low).
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 28, 2026 (commit 09376edc). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Potential Command Injection via PowerShell script parameters.** The skill description states that it executes a PowerShell script (`rename_project.ps1`) and passes the user-provided parameters (`--old-name`, `--new-name`) directly to it. If `rename_project.ps1` does not validate these values before using them in shell commands (e.g. `mv`, `sed`, `git`, `dotnet`) or as file paths, an attacker who controls either name could inject arbitrary commands. `SKILL.md` defines the interface through which user input reaches a shell command execution context; this finding is raised from that interface, so whether it is exploitable depends on how the script body handles the values. Recommendation: strictly validate both parameters inside `rename_project.ps1` (for example against an allow-list pattern for project names) before they reach any shell command or file path, and prefer APIs that take arguments as discrete values rather than interpreting a command string. | LLM Behavioral Safety | SKILL.md:42 |
| LOW | **Skill requires broad filesystem and Git permissions.** The skill performs project-wide renames, which modify files, directories and Git configuration across the entire repository; the `Preconditions` section explicitly states "Permissions to modify all files." This makes it a high-privilege operation. The access is inherent to the skill's function, but any compromise of the skill (e.g. via the command injection above) could lead to significant data loss or system compromise because of that reach. Recommendation: since the permissions cannot be reduced, secure the input channels: validate and sanitize every parameter before it is used. | LLM Behavioral Safety | SKILL.md:30 |
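An added illustration, not the skill's own `rename_project.ps1` (whose contents this report does not show): the injection-prone pattern the HIGH finding describes, beside a hardened form that applies the validation both findings recommend. The function names, the `$Root` parameter and the set of file types are assumptions made for the example.

```powershell
# Added example, not code from the audited skill. Function and parameter
# names, the $Root default and the file types are illustrative assumptions.

# VULNERABLE: the names are interpolated into a command string that is then
# evaluated, so a "new name" such as  'x; Remove-Item -Recurse ~'  runs as code.
function Rename-ProjectUnsafe {
    param([string]$OldName, [string]$NewName)
    Invoke-Expression "git mv $OldName $NewName"
    Invoke-Expression "sed -i 's/$OldName/$NewName/g' $OldName/*.csproj"
}

# HARDENED: restrict both names to an allow-list pattern at the parameter
# boundary, never rebuild commands as strings, pass external-command arguments
# as separate tokens, and use -LiteralPath so names are never treated as
# wildcards. SupportsShouldProcess gives the caller -WhatIf before anything
# in the repository is touched.
function Rename-ProjectSafe {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)]
        [ValidatePattern('^[A-Za-z][A-Za-z0-9._-]{0,63}$')]
        [string]$OldName,

        [Parameter(Mandatory)]
        [ValidatePattern('^[A-Za-z][A-Za-z0-9._-]{0,63}$')]
        [string]$NewName,

        # Assumed: the repository root; defaults to the current directory.
        [string]$Root = (Get-Location).Path
    )

    $oldPath = Join-Path $Root $OldName
    $newPath = Join-Path $Root $NewName
    if (-not (Test-Path -LiteralPath $oldPath -PathType Container)) {
        throw "No project directory named '$OldName' under $Root"
    }
    if (Test-Path -LiteralPath $newPath) {
        throw "Target '$NewName' already exists"
    }

    # Text replacement through PowerShell's own string operators instead of a
    # shell tool; [regex]::Escape keeps any metacharacters in the name literal.
    $pattern = [regex]::Escape($OldName)
    Get-ChildItem -LiteralPath $oldPath -Recurse -File -Include *.csproj, *.sln, *.cs |
        ForEach-Object {
            $content = Get-Content -LiteralPath $_.FullName -Raw
            if ($content -match $pattern) {
                if ($PSCmdlet.ShouldProcess($_.FullName, "replace $OldName with $NewName")) {
                    ($content -replace $pattern, $NewName) |
                        Set-Content -LiteralPath $_.FullName -NoNewline
                }
            }
        }

    # git receives each value as its own argv entry, so nothing inside a name
    # can split into an extra command or flag; "--" ends option parsing.
    if ($PSCmdlet.ShouldProcess($oldPath, "git mv to $newPath")) {
        & git -C $Root mv -- $OldName $NewName
        if ($LASTEXITCODE -ne 0) { throw "git mv failed with exit code $LASTEXITCODE" }
    }
}

# Usage: preview first, then apply.
#   Rename-ProjectSafe -OldName OldApp -NewName NewApp -WhatIf
#   Rename-ProjectSafe -OldName OldApp -NewName NewApp
# A value like 'x; Remove-Item -Recurse ~' is rejected by ValidatePattern
# before the function body runs.
```

The allow-list pattern is deliberately narrow (letters, digits, dot, underscore, hyphen, no leading hyphen so a name cannot be parsed as a git option); if real project names need spaces or other characters, widen the pattern rather than dropping the check, and keep the argument-array invocation so the shell never re-parses the value.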
Full report: https://skillshield.io/report/7f2cf34fc733453d
Powered by SkillShield