Trust Assessment
beeminder received a trust score of 82/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. Key findings include Potential Command Injection via Unsanitized User Input in Shell Commands, Sensitive API Token Exposed in URL Query Parameters.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Potential Command Injection via Unsanitized User Input in Shell Commands: The skill provides `bash` commands as examples that are intended to be executed by an LLM. These commands use placeholders (e.g., `GOAL`, `N`, `TEXT`, `DATAPOINT_ID`) which are expected to be filled with user-provided input. If the LLM directly interpolates untrusted user input into these shell commands without proper shell escaping or sanitization, an attacker could inject arbitrary shell commands. For example, if `GOAL` contains shell metacharacters, it could lead to arbitrary code execution on the host system. Implement robust input validation and shell escaping for all user-provided parameters before constructing and executing shell commands. Consider using a dedicated API client library instead of raw `curl` commands to handle parameter sanitization and secure communication. | LLM | SKILL.md:56 |
| MEDIUM | Sensitive API Token Exposed in URL Query Parameters: The `BEEMINDER_AUTH_TOKEN` is passed directly in the URL query string for several API calls (e.g., listing goals, getting a single goal, deleting datapoints). While this is supported by the Beeminder API, including sensitive credentials in URLs can lead to their exposure in server logs, proxy logs, browser history, and referrer headers. This increases the risk of the token being inadvertently leaked or captured. If the Beeminder API supports it, prefer passing the authentication token in an HTTP `Authorization` header (e.g., `Authorization: Bearer <token>`) rather than as a URL query parameter. If not, ensure that the execution environment is configured to prevent logging of full URLs and that no referrer headers are sent. | LLM | SKILL.md:20 |