skill-security-check
skill-safety-checker · v · by
63.6
Trust Score
0
Trust Tier
danger
Badge
Score Breakdown
| Factor | Score | Weight |
|---|---|---|
| Static | 40.0 | 15% |
| Permission | 95.0 | 15% |
| Poison | 80.0 | 15% |
| Clickfix | 0.0 | 15% |
| Credential | 100.0 | 15% |
| Twostage | 60.0 | 10% |
| Infrastructure | 100.0 | 5% |
| Typosquat | 100.0 | 5% |
| Age | 10.6 | 3% |
| Popularity | 0.0 | 2% |
Scan Results
STATIC — Score: 40
[CRITICAL] Remote code download and execution via curl pipe
(line 53)
- **Unsafe execution patterns:** Does the skill tell the agent to run code that comes from the network, user input, or a
[CRITICAL] Remote script download piped to shell execution
(line 53)
- **Unsafe execution patterns:** Does the skill tell the agent to run code that comes from the network, user input, or a
PERMISSION — Score: 95
[LOW] Skill appears to use network but declares no permissions
POISON — Score: 80
[HIGH] Content contains alarming words not in description: exfiltrate, steal
CLICKFIX — Score: 0
[CRITICAL] Instructs user to pipe downloaded content to shell
(line 22)
- **"Could it run malicious code or steal my data?"** — Explicit RCE and malicious-code checks (curl|sh, eval, obfuscati
[CRITICAL] Instructs user to pipe downloaded content to shell
(line 53)
- **Unsafe execution patterns:** Does the skill tell the agent to run code that comes from the network, user input, or a
[CRITICAL] Instructs user to pipe downloaded content to shell
(line 133)
- **No RCE:** Do not instruct the agent to run `curl|sh`, `wget|bash`, eval of remote/user input, or unvalidated command
INFRASTRUCTURE — Score: 100
No findings.
TWOSTAGE — Score: 60
[CRITICAL] Download piped directly to interpreter (two-stage loader)
(line 53)
- **Unsafe execution patterns:** Does the skill tell the agent to run code that comes from the network, user input, or a
CREDENTIAL — Score: 100
No findings.
TYPOSQUAT — Score: 100
No findings.