Trust Assessment
crewai-workflows received a trust score of 72/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 1 finding: 1 critical, 0 high, 0 medium, and 0 low severity. Key findings include Command Injection via unvalidated crew name.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Command Injection via unvalidated crew name The `CREW_NAME` variable, taken directly from user input (`$1`), is interpolated into a `curl` command's URL without proper validation or escaping. An attacker can inject shell metacharacters (e.g., `;`, `|`, `&`, `$(...)`) into the `crew_name` argument, leading to arbitrary command execution on the system running the script. This allows an attacker to execute any command with the privileges of the script. Validate the `CREW_NAME` against a whitelist of allowed values (e.g., 'marketing', 'support', 'analysis', 'social_media') before using it in the `curl` command. If dynamic names are strictly required, ensure proper URL encoding and shell escaping of the variable, though whitelisting is strongly preferred for fixed sets of options. | LLM | scripts/call_crew.sh:35 |
Scan History
Embed Code
[](https://skillshield.io/report/b7d600814c72cff2)
Powered by SkillShield