Security Audit

ferminrp/agent-skills:skills/cotizacion-dolar-argentina

github.com/ferminrp/agent-skills

AI SkillCommit 84b0da6385e2

TRUSTED

Scanned about 1 month ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

ferminrp/agent-skills:skills/cotizacion-dolar-argentina received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.

SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Potential Command Injection via LLM-generated shell commands.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 24, 2026 (commit 84b0da63). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

93%

Behavioral Risk Signals

Network Access

1 finding

Shell Execution

1 finding

Dynamic Code

1 finding

Security Findings1

Severity	Finding	Layer	Location
MEDIUM	Potential Command Injection via LLM-generated shell commands The skill instructs the agent to execute shell commands (`curl -s` and `jq`) to interact with `dolarapi.com`. Parameters for these commands (`tipoCotizacion`, `codigoMoneda`) are derived from user input. Although the skill explicitly states to 'Validar valor solicitado' (Validate requested value), relying on the LLM to perfectly sanitize and validate user input against allowed lists before constructing and executing shell commands is a common source of command injection vulnerabilities. An attacker could potentially craft input that bypasses LLM validation or escapes into the shell command, leading to arbitrary command execution if the LLM fails to properly escape or validate the input. Implement a dedicated tool or function that handles the API calls and parameter validation internally, rather than instructing the LLM to construct and execute shell commands directly. This tool should strictly validate parameters against the allowed lists and use a safe HTTP client library instead of `curl` for external requests. If shell execution is unavoidable, ensure robust, explicit sanitization and escaping of all user-derived inputs before command construction.	LLM	SKILL.md:56

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/cad188dcffecb872.svg)](https://skillshield.io/report/cad188dcffecb872)