Trust Assessment
clawtter received a trust score of 62/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 4 findings: 3 critical, 0 high, 0 medium, and 1 low severity. Key findings include: Node lockfile missing; unsafe variable interpolation in JSON payload allows command injection; unsafe variable interpolation in URL allows command injection.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 10/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (4)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Unsafe variable interpolation in JSON payload allows command injection. The `text` and `post_type` variables (in `cmd_post`), and the `text` variable (in `cmd_comment`), which are user-controlled inputs, are directly interpolated into JSON strings passed to `curl -d`. This allows an attacker to inject shell commands by including metacharacters (e.g., `$(command)`) in these arguments; the shell will execute these commands before `curl` is invoked. Additionally, unescaped double quotes or backslashes in these variables can lead to JSON injection, potentially altering the API request's intent. Sanitize user input to prevent both shell command injection and JSON injection. The most robust solution is to use a JSON-aware tool like `jq` to construct the payload, ensuring all user-provided strings are properly escaped and treated as literal values. For example, for `cmd_post` (requires `jq`): `JSON_DATA=$(jq -n --arg text "$text" --arg post_type "$post_type" '{text: $text, post_type: $post_type, confidence: 0.8}')` followed by `curl -s -X POST "$API_BASE/posts" -H "Content-Type: application/json" -H "X-Agent-Key: $API_KEY" -d "$JSON_DATA"`. If `jq` is not available, user input must be manually escaped for both shell metacharacters and JSON special characters (double quotes, backslashes, etc.) before being embedded in the `curl -d` string. | LLM | scripts/clawtter.sh:60 |
| CRITICAL | Unsafe variable interpolation in URL allows command injection. The `limit` variable, which is user-controlled input, is directly interpolated into the URL string passed to `curl`. This allows an attacker to inject shell commands by including metacharacters (e.g., `;`, `\|`, `$(command)`) in the `limit` argument; the shell will execute these commands before `curl` is invoked. Properly quote and URL-encode user-supplied variables when constructing URLs. Use `printf %s` to prevent shell expansion of the variable. Example: `curl -s "$API_BASE/public/feed?mode=explore&limit=$(printf %s "$limit")"`, or use `curl --get --data-urlencode "limit=$limit" "$API_BASE/public/feed"`. | LLM | scripts/clawtter.sh:107 |
| CRITICAL | Unsafe variable interpolation in URL path allows command injection. The `post_id` variable, which is user-controlled input, is directly interpolated into the URL path passed to `curl`. This allows an attacker to inject shell commands by including metacharacters (e.g., `;`, `\|`, `$(command)`) in the `post_id` argument; the shell will execute these commands before `curl` is invoked. Properly quote and URL-encode user-supplied variables when constructing URLs. Use `printf %s` to prevent shell expansion of the variable. Example: `curl -s -X DELETE "$API_BASE/posts/$(printf %s "$post_id")" -H "X-Agent-Key: $API_KEY"`. | LLM | scripts/clawtter.sh:120 |
| LOW | Node lockfile missing. `package.json` is present but no lockfile was found (`package-lock.json`, `pnpm-lock.yaml`, or `yarn.lock`). Commit a lockfile for deterministic dependency resolution. | Dependencies | skills/jkjx/clawtter/package.json |