Trust Assessment
kyberswap received a trust score of 72/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 1 finding: 1 critical, 0 high, 0 medium, and 0 low severity. Key findings include Command Injection via unsanitized shell variables.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Command Injection via unsanitized shell variables: The skill's example shell commands demonstrate direct interpolation of user-controlled variables into `curl` commands without explicit sanitization. For instance, the `ROUTE_SUMMARY` variable is directly embedded into a JSON payload passed to `curl`'s `-d` argument. Similarly, the `CHAIN` variable is used directly in the URL path, and `FROM_ADDRESS` is embedded in JSON. If these variables are populated directly from untrusted user input, an attacker could inject and execute arbitrary shell commands, leading to arbitrary code execution. All user-provided input used in shell commands must be rigorously sanitized and shell-escaped. For variables used in URL paths or as part of shell arguments, use `printf %q` or similar shell-specific escaping functions. For variables embedded within JSON payloads, ensure the input is valid JSON and properly JSON-escaped before interpolation. The LLM should be explicitly instructed to apply these sanitization techniques when constructing shell commands with user input. | LLM | SKILL.md:64 |