Trust Assessment
mediawiki-login-test received a trust score of 62/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 11 findings: 10 critical, 0 high, 0 medium, and 1 low severity. Key findings include Node lockfile missing, Command Injection via Sourced Configuration File, Command Injection via `eval` with Unsanitized Environment Variables.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 0/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings11
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Command Injection via Sourced Configuration File The script sources a configuration file whose path is determined by the `MEDIAWIKI_CONFIG` environment variable. If an attacker can control `MEDIAWIKI_CONFIG`, they can force the script to source an arbitrary file, leading to arbitrary code execution. This bypasses intended security measures by executing untrusted code directly. This pattern is repeated across all executable shell scripts. Avoid sourcing files whose paths can be controlled by environment variables. If dynamic configuration is necessary, strictly validate the file path or use a safer parsing method (e.g., JSON parsing with `jq` or a dedicated configuration library) instead of `source`. | LLM | scripts/get_user_info.sh:14 | |
| CRITICAL | Command Injection via Sourced Configuration File The script sources a configuration file whose path is determined by the `MEDIAWIKI_CONFIG` environment variable. If an attacker can control `MEDIAWIKI_CONFIG`, they can force the script to source an arbitrary file, leading to arbitrary code execution. This bypasses intended security measures by executing untrusted code directly. This pattern is repeated across all executable shell scripts. Avoid sourcing files whose paths can be controlled by environment variables. If dynamic configuration is necessary, strictly validate the file path or use a safer parsing method (e.g., JSON parsing with `jq` or a dedicated configuration library) instead of `source`. | LLM | scripts/health_check.sh:14 | |
| CRITICAL | Command Injection via Sourced Configuration File The script sources a configuration file whose path is determined by the `MEDIAWIKI_CONFIG` environment variable. If an attacker can control `MEDIAWIKI_CONFIG`, they can force the script to source an arbitrary file, leading to arbitrary code execution. This bypasses intended security measures by executing untrusted code directly. This pattern is repeated across all executable shell scripts. Avoid sourcing files whose paths can be controlled by environment variables. If dynamic configuration is necessary, strictly validate the file path or use a safer parsing method (e.g., JSON parsing with `jq` or a dedicated configuration library) instead of `source`. | LLM | scripts/login.sh:14 | |
| CRITICAL | Command Injection via Sourced Configuration File The script sources a configuration file whose path is determined by the `MEDIAWIKI_CONFIG` environment variable. If an attacker can control `MEDIAWIKI_CONFIG`, they can force the script to source an arbitrary file, leading to arbitrary code execution. This bypasses intended security measures by executing untrusted code directly. This pattern is repeated across all executable shell scripts. Avoid sourcing files whose paths can be controlled by environment variables. If dynamic configuration is necessary, strictly validate the file path or use a safer parsing method (e.g., JSON parsing with `jq` or a dedicated configuration library) instead of `source`. | LLM | scripts/test_connection.sh:14 | |
| CRITICAL | Command Injection via `eval` with Unsanitized Environment Variables The script constructs a `curl` command string by interpolating several environment variables (e.g., `MEDIAWIKI_TIMEOUT`, `MEDIAWIKI_PROXY`, `MEDIAWIKI_COOKIE_FILE`, `DEBUG`, `TRACE_API`, `MEDIAWIKI_VERIFY_SSL`). This command string is then executed using `eval`. If an attacker can control any of these environment variables, they can inject arbitrary shell commands, leading to remote code execution. This pattern is repeated multiple times within the script. Do not use `eval` with command strings that include interpolated environment variables or user-controlled input. Instead, construct the command as an array of arguments and execute it directly (e.g., `curl_args=(); curl_args+=("--max-time" "$MEDIAWIKI_TIMEOUT"); curl "${curl_args[@]}"`). This prevents shell metacharacters from being interpreted as commands. | LLM | scripts/get_user_info.sh:106 | |
| CRITICAL | Command Injection via `eval` with Unsanitized Environment Variables The script constructs a `curl` command string by interpolating several environment variables (e.g., `MEDIAWIKI_TIMEOUT`, `MEDIAWIKI_PROXY`, `MEDIAWIKI_VERIFY_SSL`, `DEBUG`, `TRACE_API`). This command string is then executed using `eval`. If an attacker can control any of these environment variables, they can inject arbitrary shell commands, leading to remote code execution. This pattern is repeated multiple times within the script. Do not use `eval` with command strings that include interpolated environment variables or user-controlled input. Instead, construct the command as an array of arguments and execute it directly (e.g., `curl_args=(); curl_args+=("--max-time" "$MEDIAWIKI_TIMEOUT"); curl "${curl_args[@]}"`). This prevents shell metacharacters from being interpreted as commands. | LLM | scripts/health_check.sh:100 | |
| CRITICAL | Command Injection via `eval` with Unsanitized Environment Variables The script constructs a `curl` command string by interpolating several environment variables (e.g., `MEDIAWIKI_TIMEOUT`, `MEDIAWIKI_PROXY`, `MEDIAWIKI_COOKIE_FILE`, `DEBUG`, `TRACE_API`, `MEDIAWIKI_VERIFY_SSL`). This command string is then executed using `eval`. If an attacker can control any of these environment variables, they can inject arbitrary shell commands, leading to remote code execution. This pattern is repeated multiple times within the script. Do not use `eval` with command strings that include interpolated environment variables or user-controlled input. Instead, construct the command as an array of arguments and execute it directly (e.g., `curl_args=(); curl_args+=("--max-time" "$MEDIAWIKI_TIMEOUT"); curl "${curl_args[@]}"`). This prevents shell metacharacters from being interpreted as commands. | LLM | scripts/login.sh:105 | |
| CRITICAL | Command Injection via `eval` with Unsanitized Environment Variables The script constructs a `curl` command string by interpolating several environment variables (e.g., `MEDIAWIKI_TIMEOUT`, `MEDIAWIKI_PROXY`, `MEDIAWIKI_VERIFY_SSL`, `DEBUG`, `TRACE_API`). This command string is then executed using `eval`. If an attacker can control any of these environment variables, they can inject arbitrary shell commands, leading to remote code execution. This pattern is repeated multiple times within the script. Do not use `eval` with command strings that include interpolated environment variables or user-controlled input. Instead, construct the command as an array of arguments and execute it directly (e.g., `curl_args=(); curl_args+=("--max-time" "$MEDIAWIKI_TIMEOUT"); curl "${curl_args[@]}"`). This prevents shell metacharacters from being interpreted as commands. | LLM | scripts/test_connection.sh:99 | |
| CRITICAL | Credential Harvesting / Command Injection via `MEDIAWIKI_PASSWORD` in `eval` The `MEDIAWIKI_PASSWORD` environment variable is directly interpolated into a `curl` command string that is subsequently executed using `eval`. If `MEDIAWIKI_PASSWORD` contains shell metacharacters, an attacker can inject arbitrary commands, leading to remote code execution and potential credential exfiltration or system compromise. This is a critical command injection vulnerability. Never interpolate sensitive data like passwords directly into command strings that are executed with `eval`. Instead, pass credentials securely, for example, by using `curl`'s `--data-urlencode` with a separate argument for the password, or by reading the password from a file or stdin, ensuring it is not subject to shell expansion. | LLM | scripts/login.sh:139 | |
| CRITICAL | Credential Harvesting / Command Injection via `MEDIAWIKI_PASSWORD` in `eval` The `MEDIAWIKI_PASSWORD` environment variable is directly interpolated into a `curl` command string that is subsequently executed using `eval`. If `MEDIAWIKI_PASSWORD` contains shell metacharacters, an attacker can inject arbitrary commands, leading to remote code execution and potential credential exfiltration or system compromise. This is a critical command injection vulnerability. Never interpolate sensitive data like passwords directly into command strings that are executed with `eval`. Instead, pass credentials securely, for example, by using `curl`'s `--data-urlencode` with a separate argument for the password, or by reading the password from a file or stdin, ensuring it is not subject to shell expansion. | LLM | scripts/health_check.sh:230 | |
| LOW | Node lockfile missing package.json is present but no lockfile was found (package-lock.json, pnpm-lock.yaml, or yarn.lock). Commit a lockfile for deterministic dependency resolution. | Dependencies | skills/delong2003/mediawiki-login/package.json |
Scan History
Embed Code
[](https://skillshield.io/report/ecf0fcf54470968b)
Powered by SkillShield