Trust Assessment
raindrop-api received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Potential Command Injection via Unsanitized User Input in Shell Commands.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 11, 2026 (commit 326f2466). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Potential Command Injection via Unsanitized User Input in Shell Commands The skill provides numerous `curl` command examples that are intended to be parameterized with values like `COLLECTION_ID`, `RAINDROP_ID`, `YOUR_QUERY`, `URL`, `tagname`, etc. If an agent directly interpolates untrusted user input into these shell command strings without proper shell escaping (e.g., using `shlex.quote` in Python or equivalent), it could lead to command injection. An attacker could craft malicious input containing shell metacharacters (e.g., `;`, `|`, `&`, `$(...)`) to execute arbitrary commands on the host system where the agent is running. When constructing shell commands from user-provided input, ensure all variables originating from untrusted sources are properly shell-escaped before being interpolated into the command string. For example, in Python, use `shlex.quote()` for each argument. For JSON payloads, ensure user input is properly JSON-escaped before inclusion in the `-d` argument. | LLM | SKILL.md:130 |
Scan History
Embed Code
[](https://skillshield.io/report/411d5fe6df8fa4cc)
Powered by SkillShield