Add SafeSkill security badge (85/100 — Passes with Notes)#38

Open
OyaAIProd wants to merge 1 commit intoalperhankendi:masterfrom
OyaAIProd:safeskill-scan-1775873370449
Conversation

@OyaAIProd

⚠️ SafeSkill Security Scan Results

Metric Value
Overall Score 85/100 (Passes with Notes)
Code Score 79/100
Content Score 82/100
Findings 548 findings detected (93 critical)
Taint Flows 8
Files Scanned 173
Scan Duration 8.8s

Note: This package is a CLI tool; child_process, filesystem, and environment access are expected capabilities and are excluded from scoring and top findings.

Top Findings

  • 🔴 critical: Very long single-line expression (524 chars) — possibly minified or obfuscated code (src/index.ts:140)
  • 🔴 critical: Very long single-line expression (517 chars) — possibly minified or obfuscated code (src/index.ts:182)
  • 🔴 critical: Unicode-escaped string with 29 escape sequences (src/cli/init-command.ts:87)
  • 🔴 critical: Unicode-escaped string with 33 escape sequences (src/cli/init-command.ts:88)
  • 🔴 critical: Unicode-escaped string with 18 escape sequences (src/cli/init-command.ts:89)

View full report on SafeSkill

About SafeSkill

SafeSkill is a free, open-source security scanner for AI tools, MCP servers, and Claude Code skills. We scan for code exploits, prompt injection, and data exfiltration risks.

False positive? We take accuracy seriously. If any finding above is incorrect, please open an issue and we will fix it immediately.

Signed-off-by: SafeSkill Scanner <mk@oya.ai>