Trust Assessment
jami received a trust score of 58/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 5 findings: 0 critical, 4 high, 1 medium, and 0 low severity. Key findings include Sensitive environment variable access: $HOME, Command Injection in jami_caller.sh via user-supplied arguments, Command Injection in jami_listener.sh via LOG_FILE argument.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 40/100, indicating areas for improvement.
Last analyzed on February 12, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (5)
| Severity | Finding | Description | Recommendation | Layer | Location |
|---|---|---|---|---|---|
| HIGH | Command Injection in jami_caller.sh via user-supplied arguments | The `CONTACT_ID` and `MESSAGE` variables, derived directly from command-line arguments (`$1` and `$3`), are used without proper sanitization or escaping in shell commands. An attacker can inject arbitrary shell commands by providing specially crafted input (e.g., `'; rm -rf /;'`), leading to arbitrary code execution on the host system. This affects both the `jami call` and `jami message send` commands. | Sanitize or escape the `CONTACT_ID` and `MESSAGE` variables before using them in shell commands. For bash, consider using `printf %q` to properly quote arguments for shell execution, or strictly validate input to ensure it only contains expected characters (e.g., alphanumeric, hyphens, or safe message content). | LLM | scripts/jami_caller.sh:24 |
| HIGH | Command Injection in jami_listener.sh via LOG_FILE argument | The `LOG_FILE` variable, derived from the first command-line argument (`$1`), is used without proper sanitization or escaping in a shell command. An attacker can inject arbitrary shell commands by providing a specially crafted `LOG_FILE` path (e.g., `$(rm -rf /)`), leading to arbitrary code execution on the host system. | Sanitize or escape the `LOG_FILE` variable before using it in shell commands. For bash, consider using `printf %q` to properly quote the argument for shell execution, or strictly validate input to ensure it is a valid file path. | LLM | scripts/jami_listener.sh:26 |
| HIGH | Command Injection in jami_contacts.sh via NAME variable in grep | The `NAME` variable, derived from the second command-line argument (`$2`), is used without proper sanitization or escaping within `grep` commands. An attacker can inject arbitrary shell commands by providing a specially crafted `NAME` (e.g., `'; evil_command;'`), leading to arbitrary code execution on the host system. This affects the `add`, `remove`, and `get` actions. | Sanitize or escape the `NAME` variable before using it in shell commands. For bash, consider using `printf %q` to properly quote the argument for shell execution, or strictly validate input to ensure it only contains expected characters. | LLM | scripts/jami_contacts.sh:49 |
| HIGH | Command Injection in jami_contacts.sh via stored Contact ID | The `ID` variable, retrieved from `$CONTACTS_FILE` (which is populated by user input), is used without proper sanitization or escaping in the `jami call` command. If a malicious `ID` (e.g., `'; evil_command;'`) was previously added to the contacts file, executing the `call` action for that contact would lead to arbitrary code execution. | Sanitize or escape the `ID` variable before using it in shell commands. Ensure that contact IDs stored in `$CONTACTS_FILE` are validated upon addition and retrieval to prevent malicious payloads. | LLM | scripts/jami_contacts.sh:74 |
| MEDIUM | Sensitive environment variable access: $HOME | Access to the sensitive environment variable `$HOME` detected in shell context. | Verify this environment variable access is necessary and that the value is not exfiltrated. | Static | skills/snail3d/clawforgod/jami-skill/scripts/jami_contacts.sh:7 |
Full report: https://skillshield.io/report/18fe42837e37ebfe
Powered by SkillShield