Trust Assessment
git-sync received a trust score of 72/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 1 finding: 1 critical, 0 high, 0 medium, and 0 low severity. Key findings include Shell Command Injection via Git Commit Message.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Shell Command Injection via Git Commit Message The `sync.sh` script directly uses the first command-line argument (`$1`) as the commit message (`$MSG`) without proper sanitization. This `$MSG` is then passed to `git commit -m "$MSG"`. An attacker can inject arbitrary shell commands by crafting a malicious commit message containing shell metacharacters (e.g., `;`, `|`, `&`, `$(...)`, `` ` ``). This allows for arbitrary code execution within the environment where the script runs, potentially leading to data exfiltration, system compromise, or denial of service. The commit message should be properly sanitized or passed to `git commit` in a way that prevents shell interpretation. A robust solution is to use `git commit -F -` to read the commit message from standard input, ensuring the message is treated as literal text. For example: `printf '%s' "$MSG" | git commit -F -`. | LLM | sync.sh:19 |
Scan History
Embed Code
[](https://skillshield.io/report/90cc650e1cb1dfcb)
Powered by SkillShield