Trust Assessment
wordpress-router received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Execution of untrusted repository commands.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on June 1, 2026 (commit 9b1e542c). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Execution of untrusted repository commands The skill instructs the agent to execute 'the repo’s lint/test/build commands that the triage output recommends'. If the repository being analyzed is untrusted, these commands (e.g., defined in `package.json` scripts, `composer.json` scripts, or other build configurations within the untrusted repo) could contain malicious code. This allows for arbitrary command execution within the agent's environment, potentially leading to system compromise or data exfiltration. Implement strict sandboxing for any commands executed from untrusted repositories. Instead of directly executing arbitrary scripts, parse and validate commands from untrusted sources, or only allow a predefined, safe set of operations. Consider using a dedicated, isolated environment for executing untrusted code. | LLM | SKILL.md:29 |
Scan History
Embed Code
[](https://skillshield.io/report/6e6cbe35d25a6b7b)
Powered by SkillShield