Trust Assessment
imitation-agent received a trust score of 72/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 1 finding: 1 critical, 0 high, 0 medium, and 0 low severity. The key finding is that a user-controlled `agentId` leads to shell command injection.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 12, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | **User-controlled agentId leads to shell command injection.** The `agentId` is initially provided by the user during setup and subsequently loaded from a configuration file. This `agentId` is then directly interpolated into a double-quoted string within a `curl -d` argument, which forms a JSON payload. If the user-provided `agentId` contains shell metacharacters (e.g., `"; rm -rf /; echo "`), it can break out of the JSON string and execute arbitrary commands on the host system when the `curl` command is run. The `jq -r` command extracts the raw string, which is then unsafely embedded into the shell command. Ensure that user-controlled inputs like `agentId` are properly sanitized and shell-escaped before being interpolated into shell commands. When constructing JSON payloads for `curl`, prefer using a dedicated JSON library or passing the payload via a temporary file (`-d @filename`) to avoid shell interpolation issues. If direct string interpolation is necessary, the `agentId` must be both JSON-escaped and then shell-escaped. | LLM | SKILL.md:74 |