Trust Assessment
clawprint-verify received a trust score of 72/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 1 finding: 1 critical, 0 high, 0 medium, and 0 low severity. The single finding is "Unsanitized variables lead to command injection in shell script" (`clawprint-challenge.sh`).
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Unsanitized variables lead to command injection in shell script | LLM | clawprint-challenge.sh:80 |

Finding detail

The `clawprint-challenge.sh` script interpolates several variables into shell commands without proper quoting or encoding. The scanner identifies three injection paths:

1. **Environment variables**: `CLAWPRINT_SERVER_URL`, `CLAWPRINT_SITE_KEY`, and `CLAWPRINT_SECRET_KEY` are used directly as `curl` arguments (e.g., lines 40, 80, 110). If these values contain shell metacharacters (e.g., `$(command)` or backticks), the finding states they could lead to arbitrary command execution.
2. **User-provided arguments**: `challenge_id` and `answer` (script arguments) are interpolated into the JSON payload passed to `curl --data` (e.g., lines 80, 110). An argument containing a double quote followed by shell metacharacters (e.g., `"; $(evil_command) #`) breaks out of the JSON string and, per the finding, can execute arbitrary commands.
3. **API response data**: values extracted from the response with `jq -r` (`challenge_id`, `type`, `question`, `passed`, `valid`, `reason`) are echoed directly (lines 50-65) or used in shell conditionals such as `[ "$passed" = "true" ]` (lines 95 and 125). If the ClawPrint API returns strings containing shell metacharacters, the finding states these could be executed by the shell.

Caveat on severity: the shell never re-parses an expanded variable for command substitution, so `$(...)` or backticks inside an environment variable, a script argument, or an API response only execute if the script feeds the value to `eval`, `sh -c`, or a similar re-parse. Unquoted expansion produces word splitting and pathname globbing, which can still turn a value into extra `curl` options (a value beginning with `-`) or additional arguments, and the raw interpolation in path 2 is at minimum a JSON injection that lets a caller inject additional payload fields. The quoted comparison `[ "$passed" = "true" ]` compares the value and does not execute it; the hazard in path 3 is an unquoted use or an `eval`. Whether the script contains such a re-parse is not shown in this report, so the CRITICAL rating should be confirmed against the script source before it is acted on.

Recommended remediation

1. **For `curl` arguments**: quote every expansion (`"$CLAWPRINT_SERVER_URL"`), or use `printf %q` when a value must be embedded in a command string. Build JSON payloads with `jq` from variables (e.g., `jq -n --arg id "$challenge_id" --arg ans "$answer" '{"challenge_id": $id, "answer": $ans}'`) and pipe the result to `curl --data-binary @-`.
2. **For `echo` and shell logic**: always quote variables when echoing (`echo "${variable}"`) to prevent word splitting and globbing; prefer `printf '%s\n' "$variable"` so a value beginning with `-` is not read as an `echo` option. For conditional checks, keep expansions quoted (or use `[[ ... ]]`) and validate the content of variables before use.
3. **Input validation**: validate all user-provided arguments (`challenge_id`, `answer`) against their expected formats (e.g., UUID, alphanumeric) and reject values containing shell metacharacters.
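As an added example (not code from clawprint-verify or from SkillShield), the POSIX shell below puts the vulnerable interpolation the finding describes next to the hardened form from the remediation: the payload is built with `jq --arg` when jq is installed, with a small sed-based encoder otherwise; inputs are validated before they become arguments; and the quoted `[ "$passed" = "true" ]` comparison is shown to be inert. The UUID shape for `challenge_id`, the printable-text rule for `answer`, the https-only rule for the server URL, the `/challenge` path and the sample values are assumptions for the example. curl is not invoked, so it runs offline.

```shell
#!/bin/sh
# Added example for the finding above, not code from clawprint-verify.
# It places the vulnerable interpolation beside a hardened payload builder
# and the argument checks a wrapper should run before calling curl.
# curl is never invoked, so the script runs offline.
set -eu

# Constructed sample inputs (not from the project). The answer closes the
# JSON string and carries shell metacharacters, as in the finding's example.
SAMPLE_ID='f1c0c0de-0000-4000-8000-000000000001'
SAMPLE_ANSWER='"; $(touch /tmp/pwned) #'

# Vulnerable pattern: raw interpolation into a JSON literal. The embedded quote
# ends the JSON string (JSON injection). The $(...) would only run if this text
# were later re-parsed by the shell, e.g. through eval or sh -c.
build_payload_unsafe() {
  printf '{"challenge_id": "%s", "answer": "%s"}' "$1" "$2"
}

# JSON string encoding without jq: escape backslash and double quote.
# Control characters are rejected by validate_answer below rather than
# encoded, which keeps this encoder minimal.
json_escape() {
  printf '%s' "$1" | sed -e 's/\\/\\\\/g' -e 's/"/\\"/g'
}

# Hardened builder: values are encoded, never interpolated raw. jq is used
# when installed (the remediation the finding recommends); the sed encoder
# produces the same compact document otherwise.
build_payload_safe() {
  if command -v jq >/dev/null 2>&1; then
    jq -cn --arg id "$1" --arg ans "$2" '{challenge_id: $id, answer: $ans}'
  else
    printf '{"challenge_id":"%s","answer":"%s"}' \
      "$(json_escape "$1")" "$(json_escape "$2")"
  fi
}

# Challenge id: 36 characters of hex digits and dashes (an assumed UUID shape).
validate_challenge_id() {
  [ "${#1}" -eq 36 ] || return 1
  case "$1" in
    *[!0-9a-fA-F-]*) return 1 ;;
  esac
  return 0
}

# Answer: non-empty printable text (an assumed policy) with no leading '-',
# so the value can never be read as an option by curl or echo.
validate_answer() {
  case "$1" in
    ''|-*) return 1 ;;
    *[![:print:]]*) return 1 ;;
  esac
  return 0
}

# The server URL is a curl argument even when quoted; pin the scheme so a
# value such as '-o /tmp/x' or 'file:///etc/passwd' is refused.
validate_server_url() {
  case "$1" in
    https://*) return 0 ;;
    *) return 1 ;;
  esac
}

# The quoted comparison the finding flags: the API value is compared, not
# re-parsed, so metacharacters in it are inert. An unquoted $1 or eval would not be.
challenge_passed() {
  [ "$1" = "true" ]
}

main() {
  validate_challenge_id "$SAMPLE_ID" || { echo 'rejected challenge_id' >&2; exit 2; }
  validate_answer "$SAMPLE_ANSWER" || { echo 'rejected answer' >&2; exit 2; }
  echo "unsafe: $(build_payload_unsafe "$SAMPLE_ID" "$SAMPLE_ANSWER")"
  echo "safe:   $(build_payload_safe "$SAMPLE_ID" "$SAMPLE_ANSWER")"
  # Sending it (not run here; the /challenge path is an assumption):
  #   build_payload_safe "$id" "$answer" | curl -sS --fail \
  #     -H 'Content-Type: application/json' --data-binary @- \
  #     "$CLAWPRINT_SERVER_URL/challenge"
}
main
```

Note that the sample answer passes `validate_answer`: it is printable text, so validation alone does not stop it. The encoder is what turns the embedded quote into `\"`, which is why the remediation pairs input validation with `jq`-built payloads rather than relying on either alone.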
Full report: https://skillshield.io/report/7ace143b8bb98739