Trust Assessment
sync-setup received a trust score of 61/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 4 findings: 0 critical, 2 high, 2 medium, and 0 low severity. Key findings include Missing required field: name, Command Injection via unsanitized user input in JIRA API validation, Command Injection via unsanitized user input in Azure DevOps API validation.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 63/100, indicating areas for improvement.
Last analyzed on February 15, 2026 (commit 1823c3f6). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings4
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Command Injection via unsanitized user input in JIRA API validation The skill constructs a `curl` command for JIRA API validation by directly interpolating user-provided `email`, `token`, and `domain` into the shell command string. If these inputs are not properly sanitized or escaped, a malicious user could inject arbitrary shell commands, leading to remote code execution on the host system. Avoid shelling out to `curl` with user-controlled inputs. Instead, use a dedicated HTTP client library within the skill's runtime environment (e.g., Node.js `fetch` or `axios`) to make API calls programmatically. If `curl` must be used, ensure all user-provided variables are strictly validated and properly escaped for shell execution, or passed via environment variables/config files to prevent command line injection. | LLM | SKILL.md:30 | |
| HIGH | Command Injection via unsanitized user input in Azure DevOps API validation The skill constructs a `curl` command for Azure DevOps API validation by directly interpolating user-provided `org`, `project`, and `PAT` (Personal Access Token) into the shell command string. If these inputs are not properly sanitized or escaped, a malicious user could inject arbitrary shell commands, leading to remote code execution on the host system. Avoid shelling out to `curl` with user-controlled inputs. Instead, use a dedicated HTTP client library within the skill's runtime environment to make API calls programmatically. If `curl` must be used, ensure all user-provided variables are strictly validated and properly escaped for shell execution, or passed via environment variables/config files to prevent command line injection. | LLM | SKILL.md:36 | |
| MEDIUM | Missing required field: name The 'name' field is required for claude_code skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | plugins/specweave/skills/sync-setup/SKILL.md:1 | |
| MEDIUM | Sensitive credentials exposed in command-line arguments The `curl` commands used for JIRA and Azure DevOps validation pass sensitive credentials (API token, email, PAT) directly as command-line arguments. This practice can expose these credentials in system process lists (`ps aux`), shell history, or logs, making them vulnerable to unauthorized access by other users or processes on the same system. Avoid passing sensitive credentials directly as command-line arguments. Instead, use more secure methods such as environment variables (e.g., `CURL_USER`), a `.netrc` file with restricted permissions, or pass them via request headers/body when using a programmatic HTTP client. Ensure credentials are never logged or stored in insecure locations. | LLM | SKILL.md:30 |
Scan History
Embed Code
[](https://skillshield.io/report/783fd18cfd5865fa)
Powered by SkillShield