Trust Assessment
raindrop-api received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Potential Command Injection via Unsanitized User Input in Shell Commands.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on June 1, 2026 (commit 9b0e00ad). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Potential Command Injection via Unsanitized User Input in Shell Commands The skill provides numerous examples of constructing `curl` commands where parts of the command (e.g., resource IDs, URLs, search queries, JSON payload values) are expected to be filled in. If these parts are derived directly from untrusted user input without proper sanitization or escaping, a malicious user could inject arbitrary shell commands. For instance, providing an ID like `123; rm -rf /` or a URL containing shell metacharacters could lead to unintended command execution. The skill does not include explicit instructions for sanitizing user input before constructing these shell commands, creating a vulnerability for command injection. Instruct the LLM to strictly sanitize or escape all user-provided input before embedding it into shell commands. For URL components and query parameters, URL-encode the values. For JSON payload values, ensure proper JSON escaping. For shell arguments, use appropriate quoting or escaping mechanisms (e.g., `printf %q` in bash) to prevent shell metacharacter interpretation. | LLM | SKILL.md:129 |
Scan History
Embed Code
[](https://skillshield.io/report/411d5fe6df8fa4cc)
Powered by SkillShield