Trust Assessment
wp-abilities-verify received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 1 critical, 1 high, 1 medium, and 0 low severity. Key findings include Arbitrary command execution via 'Env-up command' input, Potential command injection through file path inputs, Arbitrary file write via 'Report output path'.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 48/100, indicating areas for improvement.
Last analyzed on June 1, 2026 (commit 9b1e542c). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Arbitrary command execution via 'Env-up command' input The skill explicitly accepts an 'Env-up command' as an input, which is then executed to bring up the environment. This allows for arbitrary command injection if the input is not properly sanitized or if untrusted user input is directly passed to this parameter. An attacker could provide malicious commands (e.g., `npm run wp-env start; rm -rf /`) leading to system compromise. Implement strict input validation and sanitization for the 'Env-up command'. Consider using a whitelist of allowed commands or arguments, or execute the command within a highly restricted sandbox environment. If direct execution of arbitrary commands is necessary, ensure the agent's execution environment is isolated and ephemeral. | LLM | SKILL.md:45 | |
| HIGH | Potential command injection through file path inputs The skill takes 'Plugin checkout path' and 'Audit doc path' as inputs, and uses command-line tools like `rg` and `wp-cli`. If these paths are directly interpolated into shell commands without proper escaping (e.g., quoting), an attacker could craft a path that includes shell metacharacters (e.g., `../../; rm -rf /`) to execute arbitrary commands. Ensure all file path inputs are strictly validated and properly escaped (e.g., using `shlex.quote` in Python or similar mechanisms in other languages) before being used in shell commands. | LLM | SKILL.md:39 | |
| MEDIUM | Arbitrary file write via 'Report output path' The skill accepts a 'Report output path' where it writes its verification report. If an attacker can control this path, they could specify a sensitive system file (e.g., `/etc/passwd`, a web server configuration file, or a script) to be overwritten or appended with the report content, potentially leading to denial of service, privilege escalation, or other system compromises. Restrict the 'Report output path' to a designated, non-sensitive directory (e.g., a temporary directory or a user-specific output folder). Validate the path to prevent directory traversal attacks (e.g., `../../`). | LLM | SKILL.md:50 |
Scan History
Embed Code
[](https://skillshield.io/report/070b6028fd9c0e83)
Powered by SkillShield