Trust Assessment
ktrendz-lightstick-trading received a trust score of 27/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 18 findings: 5 critical, 6 high, 6 medium, and 1 low severity. Key findings include "Missing required field: name", "Sensitive environment variable access: $HOME", and "Node lockfile missing".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 0/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (18)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Command Injection via Python Heredoc/Eval: The shell scripts embed the `$RESPONSE` variable, which originates from an external API call, directly into Python code blocks using a heredoc (`python3 << EOF`) or `python3 -c`. If the API response contains specific characters (e.g., `'''`) or Python code injection patterns (e.g., `"; import os; os.system('malicious_command'); x = """`), it can break out of the Python string literal and execute arbitrary Python code. This allows full command injection and potentially arbitrary code execution on the host system. Avoid embedding untrusted data directly into code blocks. Instead, pipe the API response to Python's stdin (e.g., `echo "$RESPONSE" \| python3 -c "import sys, json; data = json.loads(sys.stdin.read())['data']; ..."`) or save the response to a temporary file and pass the filename to Python for parsing. This prevents the shell from interpreting the response as part of the Python script itself. | LLM | scripts/buy.sh:50 |
| CRITICAL | Command Injection via Python Heredoc/Eval: The shell scripts embed the `$RESPONSE` variable, which originates from an external API call, directly into Python code blocks using a heredoc (`python3 << EOF`) or `python3 -c`. If the API response contains specific characters (e.g., `'''`) or Python code injection patterns (e.g., `"; import os; os.system('malicious_command'); x = """`), it can break out of the Python string literal and execute arbitrary Python code. This allows full command injection and potentially arbitrary code execution on the host system. Avoid embedding untrusted data directly into code blocks. Instead, pipe the API response to Python's stdin (e.g., `echo "$RESPONSE" \| python3 -c "import sys, json; data = json.loads(sys.stdin.read())['data']; ..."`) or save the response to a temporary file and pass the filename to Python for parsing. This prevents the shell from interpreting the response as part of the Python script itself. | LLM | scripts/buy.sh:68 |
| CRITICAL | Command Injection via Python Heredoc/Eval: The shell scripts embed the `$RESPONSE` variable, which originates from an external API call, directly into Python code blocks using a heredoc (`python3 << EOF`) or `python3 -c`. If the API response contains specific characters (e.g., `'''`) or Python code injection patterns (e.g., `"; import os; os.system('malicious_command'); x = """`), it can break out of the Python string literal and execute arbitrary Python code. This allows full command injection and potentially arbitrary code execution on the host system. Avoid embedding untrusted data directly into code blocks. Instead, pipe the API response to Python's stdin (e.g., `echo "$RESPONSE" \| python3 -c "import sys, json; data = json.loads(sys.stdin.read())['data']; ..."`) or save the response to a temporary file and pass the filename to Python for parsing. This prevents the shell from interpreting the response as part of the Python script itself. | LLM | scripts/price.sh:45 |
| CRITICAL | Command Injection via Python Heredoc/Eval: The shell scripts embed the `$RESPONSE` variable, which originates from an external API call, directly into Python code blocks using a heredoc (`python3 << EOF`) or `python3 -c`. If the API response contains specific characters (e.g., `'''`) or Python code injection patterns (e.g., `"; import os; os.system('malicious_command'); x = """`), it can break out of the Python string literal and execute arbitrary Python code. This allows full command injection and potentially arbitrary code execution on the host system. Avoid embedding untrusted data directly into code blocks. Instead, pipe the API response to Python's stdin (e.g., `echo "$RESPONSE" \| python3 -c "import sys, json; data = json.loads(sys.stdin.read())['data']; ..."`) or save the response to a temporary file and pass the filename to Python for parsing. This prevents the shell from interpreting the response as part of the Python script itself. | LLM | scripts/sell.sh:50 |
| CRITICAL | Command Injection via Python Heredoc/Eval: The shell scripts embed the `$RESPONSE` variable, which originates from an external API call, directly into Python code blocks using a heredoc (`python3 << EOF`) or `python3 -c`. If the API response contains specific characters (e.g., `'''`) or Python code injection patterns (e.g., `"; import os; os.system('malicious_command'); x = """`), it can break out of the Python string literal and execute arbitrary Python code. This allows full command injection and potentially arbitrary code execution on the host system. Avoid embedding untrusted data directly into code blocks. Instead, pipe the API response to Python's stdin (e.g., `echo "$RESPONSE" \| python3 -c "import sys, json; data = json.loads(sys.stdin.read())['data']; ..."`) or save the response to a temporary file and pass the filename to Python for parsing. This prevents the shell from interpreting the response as part of the Python script itself. | LLM | scripts/sell.sh:68 |
| HIGH | Command Injection via Unescaped API Key in Curl Header: The `$API_KEY` variable, which can be user-provided or read from an environment variable, is directly inserted into the `x-bot-api-key` HTTP header in `curl` commands without proper escaping. An attacker could inject additional `curl` arguments or headers by crafting a malicious API key (e.g., `mykey" -H "X-Malicious: value" --data-binary @/etc/passwd #`). This could lead to HTTP header injection, data exfiltration (e.g., reading local files), or other malicious actions by manipulating the `curl` command's behavior. Ensure that all user-controlled variables passed to shell commands are properly escaped. For `curl` headers, consider a more robust method than direct string concatenation, or strictly validate the API key to contain only safe characters. For shell arguments, `printf %q` can be used, but for HTTP headers it is best to rely on a library or strict input validation. | LLM | scripts/setup.sh:40 |
| HIGH | Command Injection via Unescaped API Key in Curl Header: The `$API_KEY` variable, which can be user-provided or read from an environment variable, is directly inserted into the `x-bot-api-key` HTTP header in `curl` commands without proper escaping. An attacker could inject additional `curl` arguments or headers by crafting a malicious API key (e.g., `mykey" -H "X-Malicious: value" --data-binary @/etc/passwd #`). This could lead to HTTP header injection, data exfiltration (e.g., reading local files), or other malicious actions by manipulating the `curl` command's behavior. Ensure that all user-controlled variables passed to shell commands are properly escaped. For `curl` headers, consider a more robust method than direct string concatenation, or strictly validate the API key to contain only safe characters. For shell arguments, `printf %q` can be used, but for HTTP headers it is best to rely on a library or strict input validation. | LLM | scripts/buy.sh:36 |
| HIGH | Command Injection via Unescaped API Key in Curl Header: The `$API_KEY` variable, which can be user-provided or read from an environment variable, is directly inserted into the `x-bot-api-key` HTTP header in `curl` commands without proper escaping. An attacker could inject additional `curl` arguments or headers by crafting a malicious API key (e.g., `mykey" -H "X-Malicious: value" --data-binary @/etc/passwd #`). This could lead to HTTP header injection, data exfiltration (e.g., reading local files), or other malicious actions by manipulating the `curl` command's behavior. Ensure that all user-controlled variables passed to shell commands are properly escaped. For `curl` headers, consider a more robust method than direct string concatenation, or strictly validate the API key to contain only safe characters. For shell arguments, `printf %q` can be used, but for HTTP headers it is best to rely on a library or strict input validation. | LLM | scripts/buy.sh:47 |
| HIGH | Command Injection via Unescaped API Key in Curl Header: The `$API_KEY` variable, which can be user-provided or read from an environment variable, is directly inserted into the `x-bot-api-key` HTTP header in `curl` commands without proper escaping. An attacker could inject additional `curl` arguments or headers by crafting a malicious API key (e.g., `mykey" -H "X-Malicious: value" --data-binary @/etc/passwd #`). This could lead to HTTP header injection, data exfiltration (e.g., reading local files), or other malicious actions by manipulating the `curl` command's behavior. Ensure that all user-controlled variables passed to shell commands are properly escaped. For `curl` headers, consider a more robust method than direct string concatenation, or strictly validate the API key to contain only safe characters. For shell arguments, `printf %q` can be used, but for HTTP headers it is best to rely on a library or strict input validation. | LLM | scripts/price.sh:29 |
| HIGH | Command Injection via Unescaped API Key in Curl Header: The `$API_KEY` variable, which can be user-provided or read from an environment variable, is directly inserted into the `x-bot-api-key` HTTP header in `curl` commands without proper escaping. An attacker could inject additional `curl` arguments or headers by crafting a malicious API key (e.g., `mykey" -H "X-Malicious: value" --data-binary @/etc/passwd #`). This could lead to HTTP header injection, data exfiltration (e.g., reading local files), or other malicious actions by manipulating the `curl` command's behavior. Ensure that all user-controlled variables passed to shell commands are properly escaped. For `curl` headers, consider a more robust method than direct string concatenation, or strictly validate the API key to contain only safe characters. For shell arguments, `printf %q` can be used, but for HTTP headers it is best to rely on a library or strict input validation. | LLM | scripts/sell.sh:36 |
| HIGH | Command Injection via Unescaped API Key in Curl Header: The `$API_KEY` variable, which can be user-provided or read from an environment variable, is directly inserted into the `x-bot-api-key` HTTP header in `curl` commands without proper escaping. An attacker could inject additional `curl` arguments or headers by crafting a malicious API key (e.g., `mykey" -H "X-Malicious: value" --data-binary @/etc/passwd #`). This could lead to HTTP header injection, data exfiltration (e.g., reading local files), or other malicious actions by manipulating the `curl` command's behavior. Ensure that all user-controlled variables passed to shell commands are properly escaped. For `curl` headers, consider a more robust method than direct string concatenation, or strictly validate the API key to contain only safe characters. For shell arguments, `printf %q` can be used, but for HTTP headers it is best to rely on a library or strict input validation. | LLM | scripts/sell.sh:47 |
| MEDIUM | Missing required field: name: The `name` field is required for claude_code skills but is missing from the frontmatter. Add a `name` field to the SKILL.md frontmatter. | Static | skills/hans1329/ktrendz-lightstick-trading/SKILL.md:1 |
| MEDIUM | Sensitive environment variable access: $HOME: Access to the sensitive environment variable `$HOME` was detected in a shell context. Verify that this environment variable access is necessary and that the value is not exfiltrated. | Static | skills/hans1329/ktrendz-lightstick-trading/scripts/buy.sh:4 |
| MEDIUM | Sensitive environment variable access: $HOME: Access to the sensitive environment variable `$HOME` was detected in a shell context. Verify that this environment variable access is necessary and that the value is not exfiltrated. | Static | skills/hans1329/ktrendz-lightstick-trading/scripts/price.sh:4 |
| MEDIUM | Sensitive environment variable access: $HOME: Access to the sensitive environment variable `$HOME` was detected in a shell context. Verify that this environment variable access is necessary and that the value is not exfiltrated. | Static | skills/hans1329/ktrendz-lightstick-trading/scripts/sell.sh:4 |
| MEDIUM | Sensitive environment variable access: $HOME: Access to the sensitive environment variable `$HOME` was detected in a shell context. Verify that this environment variable access is necessary and that the value is not exfiltrated. | Static | skills/hans1329/ktrendz-lightstick-trading/scripts/setup.sh:4 |
| MEDIUM | JSON Injection via Unescaped API Key in Configuration File: The `$API_KEY` variable, which can be user-provided, is directly inserted into a JSON string when writing the configuration file (`config.json`) in `scripts/setup.sh`. If the API key contains a double quote (`"`), it will break the JSON structure, potentially leading to a malformed configuration file or the injection of arbitrary JSON fields. While not directly a shell command injection, it can cause application errors, unexpected behavior, or bypass intended configuration settings. Escape the API key before embedding it in the JSON string, for example by replacing `"` with `\"` and escaping other special JSON characters. A more robust solution is to use a JSON library in a language like Python to write the configuration file, ensuring proper serialization. | LLM | scripts/setup.sh:50 |
| LOW | Node lockfile missing: package.json is present but no lockfile was found (package-lock.json, pnpm-lock.yaml, or yarn.lock). Commit a lockfile for deterministic dependency resolution. | Dependencies | skills/hans1329/ktrendz-lightstick-trading/package.json |
Full report: https://skillshield.io/report/7bbecd89da298901
Powered by SkillShield