Trust Assessment
raindrop-api received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Potential Command Injection via Unsanitized User Input in Shell Commands.
The analysis covered 4 layers: dependency_graph, manifest_analysis, llm_behavioral_safety, static_code_analysis. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 11, 2026 (commit 326f2466). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Potential Command Injection via Unsanitized User Input in Shell Commands The skill provides numerous `curl` command examples that are intended to be parameterized with values like `COLLECTION_ID`, `RAINDROP_ID`, `YOUR_QUERY`, `URL`, `tagname`, etc. If an agent directly interpolates untrusted user input into these shell command strings without proper shell escaping (e.g., using `shlex.quote` in Python or equivalent), it could lead to command injection. An attacker could craft malicious input containing shell metacharacters (e.g., `;`, `|`, `&`, `$(...)`) to execute arbitrary commands on the host system where the agent is running. When constructing shell commands from user-provided input, ensure all variables originating from untrusted sources are properly shell-escaped before being interpolated into the command string. For example, in Python, use `shlex.quote()` for each argument. For JSON payloads, ensure user input is properly JSON-escaped before inclusion in the `-d` argument. | Unknown | SKILL.md:130 |
Scan History
Embed Code
[](https://skillshield.io/report/411d5fe6df8fa4cc)
Powered by SkillShield