Trust Assessment
ned-analytics received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 2 findings: 1 critical, 1 high, 0 medium, and 0 low severity. Key findings include Command Injection in `ned-query.sh` via unsanitized parameters, Potential Data Exfiltration of `NED_API_KEY` due to Command Injection.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Command Injection in `ned-query.sh` via unsanitized parameters The `ned-query.sh` script constructs a URL using the `$ENDPOINT` and `$PERIOD` variables, which are derived directly from script arguments (`$1` and `$2`). These variables are then interpolated into a `curl` command without proper sanitization or escaping. An attacker could inject shell metacharacters (e.g., `;`, `$()`, `` ` ``) into these parameters, leading to arbitrary command execution on the host system. For example, if `$ENDPOINT` were `profitability/summary; rm -rf /`, the `rm -rf /` command would be executed. Implement strict input validation and sanitization for `$ENDPOINT` and `$PERIOD` to ensure they only contain expected characters (e.g., alphanumeric, hyphens, underscores, forward slashes) and do not contain any shell metacharacters. Alternatively, use `printf %q` to properly quote the variables if they are intended to be literal strings, or use a more robust method for URL construction and HTTP requests that handles encoding automatically. For `curl`, ensure that the parameters are URL-encoded before being included in the URL string. | LLM | scripts/ned-query.sh:13 | |
| HIGH | Potential Data Exfiltration of `NED_API_KEY` due to Command Injection As a direct consequence of the command injection vulnerability in `scripts/ned-query.sh`, an attacker could craft malicious input for the `ENDPOINT` or `PERIOD` parameters to exfiltrate the `NED_API_KEY` environment variable. The `NED_API_KEY` is directly accessible within the script's execution environment. An injected command could, for example, use `curl` to send the `$NED_API_KEY` to an external server controlled by the attacker. Address the underlying command injection vulnerability by sanitizing or strictly validating all user-controlled inputs (`$ENDPOINT`, `$PERIOD`) before they are used in shell commands. This will prevent the exfiltration of sensitive environment variables like `NED_API_KEY`. | LLM | scripts/ned-query.sh:15 |
Scan History
Embed Code
[](https://skillshield.io/report/1fd9deffdeb3fce5)
Powered by SkillShield