Trust Assessment
pipedrive received a trust score of 28/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 5 findings: 1 critical, 2 high, 2 medium, and 0 low severity. Key findings include Sensitive path access: AI agent config, Sensitive environment variable access: $HOME, Sensitive environment variable access: $USER.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The Static Code Analysis layer scored lowest at 56/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (5)
| Severity | Finding | Description | Layer | Location |
|---|---|---|---|---|
| CRITICAL | Shell Command Injection via Unsanitized User Input | The `scripts/pipedrive.sh` script is vulnerable to shell command injection. User-provided arguments, such as search queries (`$query`), URL parameters (`$params`), and JSON payload data (`$json_data`), are directly interpolated into the `curl` command without proper sanitization or escaping. This allows an attacker to inject arbitrary shell metacharacters (e.g., `;`, `\|`, `$(...)`) into the command string, leading to the execution of malicious commands on the host system. For example, providing `--status 'open; rm -rf /'` or `--title '$(echo PWNED > /tmp/pwned.txt)'` could execute arbitrary code. Properly escape all user-provided arguments before interpolating them into shell commands. For URL parameters, URL-encode values. For JSON data, ensure values are properly JSON-escaped. For shell arguments, use `printf %q` to quote and escape arguments, or pass arguments as an array to `curl` to prevent shell metacharacter interpretation. A safer approach would be to use a language like Python with its `subprocess` module and `shell=False` to execute `curl` commands, which handles argument escaping automatically. | LLM | scripts/pipedrive.sh:60 |
| HIGH | Sensitive path access: AI agent config | Access to AI agent config path detected: `~/.clawdbot/`. This may indicate credential theft. Verify that access to this sensitive path is justified and declared. | Static | skills/rdewolff/pipedrive/SKILL.md:12 |
| HIGH | Sensitive path access: AI agent config | Access to AI agent config path detected: `~/.clawdbot/`. This may indicate credential theft. Verify that access to this sensitive path is justified and declared. | Static | skills/rdewolff/pipedrive/scripts/pipedrive.sh:45 |
| MEDIUM | Sensitive environment variable access: $HOME | Access to sensitive environment variable `$HOME` detected in shell context. Verify this environment variable access is necessary and the value is not exfiltrated. | Static | skills/rdewolff/pipedrive/scripts/pipedrive.sh:35 |
| MEDIUM | Sensitive environment variable access: $USER | Access to sensitive environment variable `$USER` detected in shell context. Verify this environment variable access is necessary and the value is not exfiltrated. | Static | skills/rdewolff/pipedrive/scripts/pipedrive.sh:492 |
Full report: https://skillshield.io/report/7c29962447d90c16
Powered by SkillShield