Trust Assessment
hetzner received a trust score of 72/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 1 finding: 1 critical, 0 high, 0 medium, and 0 low severity. Key findings include: "Unsanitized user input leads to Command Injection".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)

| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Unsanitized user input leads to Command Injection | LLM | hetzner.sh:29 |

Description: The script directly uses user-supplied arguments ($1, $2, $NAME, etc.) in 'hcloud' CLI commands without sufficient sanitization. This allows an attacker to inject arbitrary shell commands via command substitution ($(...) or `...`) within the arguments. For example, providing a server name like 'my_server_name$(id)' would execute the 'id' command on the host system. This can lead to arbitrary code execution, data exfiltration, or system compromise.

Recommendation: Implement robust input sanitization for all user-supplied arguments before passing them to external commands. This could involve strictly validating input against expected patterns (e.g., alphanumeric for names/IDs) or escaping shell metacharacters (e.g., '$', '`', ';', '&', '|', '<', '>', '(', ')') if they are not expected to be part of the literal value. For bash, consider using a function to escape input or, ideally, rewrite the script in a language like Python that offers safer subprocess execution methods (e.g., 'subprocess.run' with 'shell=False' and arguments passed as a list).