Security Audit: JHostalek/junior:.rulesync/skills/ship
Repository: github.com/JHostalek/junior

Trust Assessment
JHostalek/junior:.rulesync/skills/ship received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Potential Command Injection via Unsanitized Version String.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on March 22, 2026 (commit c6f43888). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)

| Severity | Finding | Layer | Location |
|---|---|---|---|
| MEDIUM | Potential Command Injection via Unsanitized Version String | LLM | SKILL.md:30 |

Description: The skill describes executing shell commands (`git checkout`, `git push`, `git commit`) that interpolate a `<new_version>` string. This `<new_version>` is derived from user input (`$ARGUMENTS`). If the LLM generates code that directly interpolates this string into shell commands without proper sanitization or quoting, an attacker could potentially inject arbitrary commands by crafting a malicious version string (e.g., `1.0.0; evil_command`). While the skill implies a standard semantic version format, the lack of explicit sanitization instructions for the LLM creates a risk that the generated code might be vulnerable.

Recommendation: Instruct the LLM to sanitize or properly quote the `<new_version>` variable when constructing shell commands. For example, ensure the generated code uses parameterized commands or shell escaping functions (e.g., `shlex.quote` in Python) to prevent command injection. Additionally, validate that the `version_bump` argument strictly adheres to expected values (patch/minor/major) and that the computed `new_version` is a valid semantic version string before use.
Powered by SkillShield