Security Audit

vercel-labs/skills:skills/find-skills

github.com/vercel-labs/skills

AI SkillCommit 556555c2a7cf

TRUSTED

Scanned 12 days ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

vercel-labs/skills:skills/find-skills received a trust score of 82/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.

SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. Key findings include Unsafe Package Installation Instruction, Potential Shell Command Injection.

The analysis covered 4 layers: dependency_graph, manifest_analysis, static_code_analysis, llm_behavioral_safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 8, 2026 (commit 556555c2). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

78%

Behavioral Risk Signals

Shell Execution

2 findings

Dynamic Code

2 findings

Security Findings2

Severity	Finding	Layer	Location
HIGH	Unsafe Package Installation Instruction The skill explicitly instructs the agent to install packages using the `-y` flag (`npx skills add ... -y`), which bypasses interactive confirmation prompts. This creates a critical security risk where the agent could be manipulated (via prompt injection or hallucination) to install and execute malicious code or typo-squatted packages without user verification. Remove the `-y` flag from the installation command to ensure the user must manually confirm the installation of third-party packages in the terminal.	Unknown	SKILL.md:85
MEDIUM	Potential Shell Command Injection The skill instructs the agent to execute `npx skills find [query]` using user-derived input. If the agent does not properly sanitize or quote the `[query]` variable, a malicious user could inject shell metacharacters (e.g., `;`, `\|`, `&&`) to execute arbitrary commands on the host system. Update the skill instructions to explicitly require the agent to sanitize search queries or properly quote arguments (e.g., `npx skills find "[query]"`) to prevent shell injection.	Unknown	SKILL.md:51

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/e855ff2f673580a3.svg)](https://skillshield.io/report/e855ff2f673580a3)