Trust Assessment
post-queue received a trust score of 60/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 1 critical, 0 high, 2 medium, and 0 low severity. Key findings include Sensitive environment variable access: $HOME, Command Injection via External API Response, Sensitive API Key Handling.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 63/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Command Injection via External API Response The script directly interpolates the `retry_min` variable, extracted from an external API response, into a `date` command. A malicious or compromised external API could return a specially crafted `retry_after_minutes` value (e.g., `1; rm -rf /`) that would be executed as a shell command on the system. This allows for arbitrary command execution. Validate the `retry_min` variable to ensure it contains only numeric characters before using it in a shell command. For example, use a regular expression to check its format or cast it to an integer. A safer approach would be to calculate the timestamp using arithmetic after ensuring `retry_min` is an integer, e.g., `new_cooldown=$(date -u -d "@$(($(date +%s) + retry_min * 60))" +%Y-%m-%dT%H:%M:%SZ)`. | LLM | queue.sh:110 | |
| MEDIUM | Sensitive environment variable access: $HOME Access to sensitive environment variable '$HOME' detected in shell context. Verify this environment variable access is necessary and the value is not exfiltrated. | Static | skills/luluf0x/post-queue/queue.sh:5 | |
| MEDIUM | Sensitive API Key Handling The script accesses and uses an API key stored in `~/.config/moltbook/credentials.json`. While the script itself does not exfiltrate this key, the presence and direct use of this file mean that it must be properly secured with restrictive file permissions (e.g., `chmod 600`) to prevent unauthorized access by other processes or users on the system. If this file is compromised, the API key could be exposed. Ensure that the `~/.config/moltbook/credentials.json` file has appropriate restrictive permissions (e.g., `chmod 600`) to prevent unauthorized reading. Users should be advised on the importance of securing this file. | LLM | queue.sh:70 |
Scan History
Embed Code
[](https://skillshield.io/report/2f52b8265e322af0)
Powered by SkillShield