Back to skill
Skillv2.1.3
Static analysis security
Skill Auditor · Deterministic local checks for risky code patterns and metadata mismatches.
Scanner verdict
ReviewApr 30, 2026, 4:55 AM
- Summary
- Detected: suspicious.dangerous_exec, suspicious.dynamic_code_execution, suspicious.env_credential_access (+2 more)
- Reason codes
- suspicious.dangerous_execsuspicious.dynamic_code_executionsuspicious.env_credential_accesssuspicious.potential_exfiltrationsuspicious.prompt_injection_instructions
- Engine
- v2.4.5
Evidence
criticalscripts/analyzers/ast-python.js:17
Shell command execution detected (child_process).
suspicious.dangerous_exec
criticalscripts/analyzers/static.js:545
Shell command execution detected (child_process).
suspicious.dangerous_exec
criticalscripts/audit-installed.js:89
Shell command execution detected (child_process).
suspicious.dangerous_exec
criticalscripts/setup.js:69
Shell command execution detected (child_process).
suspicious.dangerous_exec
criticalscripts/scan-url.js:21
Dynamic code execution detected.
suspicious.dynamic_code_execution
criticalscripts/analyzers/virustotal.js:150
Environment variable access combined with network send.
suspicious.env_credential_access
criticalscripts/scan-skill.js:693
Environment variable access combined with network send.
suspicious.env_credential_access
warnscripts/analyzers/ast-python.js:39
File read combined with network send (possible exfiltration).
suspicious.potential_exfiltration
warnscripts/analyzers/static.js:45
File read combined with network send (possible exfiltration).
suspicious.potential_exfiltration
warnscripts/scan-skill.js:90
File read combined with network send (possible exfiltration).
suspicious.potential_exfiltration
warnscripts/scan-url.js:14
File read combined with network send (possible exfiltration).
suspicious.potential_exfiltration
warnreferences/threat-patterns.md:42
Prompt-injection style instruction pattern detected.
suspicious.prompt_injection_instructions