Trust Assessment
baidu-map received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 11 findings: 0 critical, 11 high, 0 medium, and 0 low severity. Key findings include Potential Command Injection via unsanitized user input in curl commands.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 0/100, indicating areas for improvement.
Last analyzed on February 12, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings11
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Potential Command Injection via unsanitized user input in curl commands The skill demonstrates constructing `curl` commands by directly interpolating user-provided input (e.g., `[关键词]`) into double-quoted shell strings. If the host LLM directly substitutes user input into these placeholders without proper shell escaping, an attacker could inject shell metacharacters (e.g., `$(command)`, `;`, `|`, `&`) to execute arbitrary commands on the underlying system. This pattern is repeated across multiple `curl` examples. Implement robust shell escaping for all user-provided parameters before constructing and executing shell commands. Alternatively, use a language-specific HTTP client library that handles URL encoding and parameterization safely, rather than direct shell execution of `curl`. | LLM | SKILL.md:32 | |
| HIGH | Potential Command Injection via unsanitized user input in curl commands The skill demonstrates constructing `curl` commands by directly interpolating user-provided input (e.g., `[关键词]`) into double-quoted shell strings. If the host LLM directly substitutes user input into these placeholders without proper shell escaping, an attacker could inject shell metacharacters (e.g., `$(command)`, `;`, `|`, `&`) to execute arbitrary commands on the underlying system. This pattern is repeated across multiple `curl` examples. Implement robust shell escaping for all user-provided parameters before constructing and executing shell commands. Alternatively, use a language-specific HTTP client library that handles URL encoding and parameterization safely, rather than direct shell execution of `curl`. | LLM | SKILL.md:36 | |
| HIGH | Potential Command Injection via unsanitized user input in curl commands The skill demonstrates constructing `curl` commands by directly interpolating user-provided input (e.g., `[关键词]`, `[城市]`) into double-quoted shell strings. If the host LLM directly substitutes user input into these placeholders without proper shell escaping, an attacker could inject shell metacharacters (e.g., `$(command)`, `;`, `|`, `&`) to execute arbitrary commands on the underlying system. This pattern is repeated across multiple `curl` examples. Implement robust shell escaping for all user-provided parameters before constructing and executing shell commands. Alternatively, use a language-specific HTTP client library that handles URL encoding and parameterization safely, rather than direct shell execution of `curl`. | LLM | SKILL.md:42 | |
| HIGH | Potential Command Injection via unsanitized user input in curl commands The skill demonstrates constructing `curl` commands by directly interpolating user-provided input (e.g., `[纬度]`, `[经度]`) into double-quoted shell strings. If the host LLM directly substitutes user input into these placeholders without proper shell escaping, an attacker could inject shell metacharacters (e.g., `$(command)`, `;`, `|`, `&`) to execute arbitrary commands on the underlying system. This pattern is repeated across multiple `curl` examples. Implement robust shell escaping for all user-provided parameters before constructing and executing shell commands. Alternatively, use a language-specific HTTP client library that handles URL encoding and parameterization safely, rather than direct shell execution of `curl`. | LLM | SKILL.md:49 | |
| HIGH | Potential Command Injection via unsanitized user input in curl commands The skill demonstrates constructing `curl` commands by directly interpolating user-provided input (e.g., `[地址]`) into double-quoted shell strings. If the host LLM directly substitutes user input into these placeholders without proper shell escaping, an attacker could inject shell metacharacters (e.g., `$(command)`, `;`, `|`, `&`) to execute arbitrary commands on the underlying system. This pattern is repeated across multiple `curl` examples. Implement robust shell escaping for all user-provided parameters before constructing and executing shell commands. Alternatively, use a language-specific HTTP client library that handles URL encoding and parameterization safely, rather than direct shell execution of `curl`. | LLM | SKILL.md:56 | |
| HIGH | Potential Command Injection via unsanitized user input in curl commands The skill demonstrates constructing `curl` commands by directly interpolating user-provided input (e.g., `[纬度]`, `[经度]`) into double-quoted shell strings. If the host LLM directly substitutes user input into these placeholders without proper shell escaping, an attacker could inject shell metacharacters (e.g., `$(command)`, `;`, `|`, `&`) to execute arbitrary commands on the underlying system. This pattern is repeated across multiple `curl` examples. Implement robust shell escaping for all user-provided parameters before constructing and executing shell commands. Alternatively, use a language-specific HTTP client library that handles URL encoding and parameterization safely, rather than direct shell execution of `curl`. | LLM | SKILL.md:63 | |
| HIGH | Potential Command Injection via unsanitized user input in curl commands The skill demonstrates constructing `curl` commands by directly interpolating user-provided input (e.g., `[起点]`, `[终点]`) into double-quoted shell strings. If the host LLM directly substitutes user input into these placeholders without proper shell escaping, an attacker could inject shell metacharacters (e.g., `$(command)`, `;`, `|`, `&`) to execute arbitrary commands on the underlying system. This pattern is repeated across multiple `curl` examples. Implement robust shell escaping for all user-provided parameters before constructing and executing shell commands. Alternatively, use a language-specific HTTP client library that handles URL encoding and parameterization safely, rather than direct shell execution of `curl`. | LLM | SKILL.md:70 | |
| HIGH | Potential Command Injection via unsanitized user input in curl commands The skill demonstrates constructing `curl` commands by directly interpolating user-provided input (e.g., `[起点]`, `[终点]`) into double-quoted shell strings. If the host LLM directly substitutes user input into these placeholders without proper shell escaping, an attacker could inject shell metacharacters (e.g., `$(command)`, `;`, `|`, `&`) to execute arbitrary commands on the underlying system. This pattern is repeated across multiple `curl` examples. Implement robust shell escaping for all user-provided parameters before constructing and executing shell commands. Alternatively, use a language-specific HTTP client library that handles URL encoding and parameterization safely, rather than direct shell execution of `curl`. | LLM | SKILL.md:80 | |
| HIGH | Potential Command Injection via unsanitized user input in curl commands The skill demonstrates constructing `curl` commands by directly interpolating user-provided input (e.g., `[起点]`, `[终点]`) into double-quoted shell strings. If the host LLM directly substitutes user input into these placeholders without proper shell escaping, an attacker could inject shell metacharacters (e.g., `$(command)`, `;`, `|`, `&`) to execute arbitrary commands on the underlying system. This pattern is repeated across multiple `curl` examples. Implement robust shell escaping for all user-provided parameters before constructing and executing shell commands. Alternatively, use a language-specific HTTP client library that handles URL encoding and parameterization safely, rather than direct shell execution of `curl`. | LLM | SKILL.md:87 | |
| HIGH | Potential Command Injection via unsanitized user input in curl commands The skill demonstrates constructing `curl` commands by directly interpolating user-provided input (e.g., `[行政区名称]`) into double-quoted shell strings. If the host LLM directly substitutes user input into these placeholders without proper shell escaping, an attacker could inject shell metacharacters (e.g., `$(command)`, `;`, `|`, `&`) to execute arbitrary commands on the underlying system. This pattern is repeated across multiple `curl` examples. Implement robust shell escaping for all user-provided parameters before constructing and executing shell commands. Alternatively, use a language-specific HTTP client library that handles URL encoding and parameterization safely, rather than direct shell execution of `curl`. | LLM | SKILL.md:94 | |
| HIGH | Potential Command Injection via unsanitized user input in curl commands The skill demonstrates constructing `curl` commands by directly interpolating user-provided input (e.g., `[IP地址]`) into double-quoted shell strings. If the host LLM directly substitutes user input into these placeholders without proper shell escaping, an attacker could inject shell metacharacters (e.g., `$(command)`, `;`, `|`, `&`) to execute arbitrary commands on the underlying system. This pattern is repeated across multiple `curl` examples. Implement robust shell escaping for all user-provided parameters before constructing and executing shell commands. Alternatively, use a language-specific HTTP client library that handles URL encoding and parameterization safely, rather than direct shell execution of `curl`. | LLM | SKILL.md:101 |
Scan History
Embed Code
[](https://skillshield.io/report/115be00721b381cb)
Powered by SkillShield