Trust Assessment
qlik-cloud received a trust score of 10/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 45 findings: 39 critical, 5 high, 1 medium and 0 low severity. The key findings are "Remote code execution: curl/wget pipe to shell" (all 39 critical findings, one static pattern matched at 39 locations in 35 scripts), "Command Injection via unescaped argument" in a URL path, a URL query parameter and JSON payloads (4 of the 5 high findings, all from the LLM layer; the fifth high finding is a Python string injection) and "Sensitive environment variable access: $USER" (the single medium finding).
The analysis covered four layers: Manifest Analysis, Static Code Analysis, Dependency Graph and LLM Behavioral Safety. The Static Code Analysis layer scored lowest at 0/100. Because every critical finding comes from that one static pattern, confirm by reading each flagged line that `curl` output is actually piped into `sh`, `bash` or `eval` rather than into a JSON filter or a file: the LLM layer's findings on the same scripts describe `curl` requests assembled from unescaped arguments, not download-and-execute, and the two problems have different fixes (argument validation and encoding versus removing the pipe).
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (45)

The 39 critical findings are all the same Static-layer rule, "Remote code execution: curl/wget pipe to shell": the scanner detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector; never pipe curl/wget output directly to a shell interpreter. The matched locations are listed first, followed by the high and medium findings with their full descriptions.

| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-alert-get.sh:24 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-alert-trigger.sh:24 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-alerts.sh:19 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-answers-ask.sh:36 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-answers-ask.sh:51 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-answers-assistants.sh:19 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-app-create.sh:36 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-app-fields.sh:25 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-app-get.sh:24 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-app-lineage.sh:24 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-apps.sh:55 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-apps.sh:98 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-automation-get.sh:24 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-automation-run.sh:24 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-automation-runs.sh:25 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-automations.sh:19 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-automl-deployments.sh:19 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-automl-experiment.sh:24 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-automl-experiments.sh:19 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-datafile.sh:24 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-datafiles.sh:25 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-dataset-get.sh:24 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-datasets.sh:27 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-duplicates.sh:21 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-health.sh:18 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-license.sh:18 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-lineage.sh:37 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-lineage.sh:96 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-lineage.sh:122 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-reload-cancel.sh:24 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-reload-failures.sh:21 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-reload-history.sh:25 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-reload-status.sh:24 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-reload.sh:24 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-search.sh:25 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-spaces.sh:23 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-tenant.sh:18 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-user-get.sh:24 |
| CRITICAL | Remote code execution: curl/wget pipe to shell | Static | skills/fianabates1/qlik/scripts/qlik-users-search.sh:34 |
| HIGH | Command Injection via unescaped argument in URL path. The script embeds the user-supplied `ASSISTANT_ID` into the `curl` URL path with no validation or URL encoding. A value containing `/`, `?`, `#` or `..` changes which endpoint the request goes to, and if the expansion is unquoted, whitespace in the value is split into extra `curl` arguments, which curl then parses as options; the `QLIK_API_KEY` header goes with whatever request results. A value such as `$(evil_command)` is not re-expanded by the shell once it sits in a variable, so the arbitrary-command-execution claim holds only if the script passes the string through `eval` or a second shell, which this finding does not show. Validate the id against an allowlist and percent-encode it as a path segment. The scanner's suggested encoder, `python3 -c "import urllib.parse; print(urllib.parse.quote('$VAR', safe=''))"`, splices the value into a Python string literal and can itself be broken by a quote in the value; pass the value as an argument instead: `python3 -c 'import sys, urllib.parse; print(urllib.parse.quote(sys.argv[1], safe=""))' "$VAR"`. | LLM | scripts/qlik-answers-ask.sh:30 |
| HIGH | Command Injection via unescaped argument in URL query parameter. The script embeds the user-supplied `LIMIT` into the `curl` URL query string with no validation or URL encoding. A value containing `&` appends further query parameters (the scanner's example `&$(evil_command)` appends a parameter literally named `$(evil_command)`; the shell does not evaluate it), and an unquoted expansion lets whitespace in the value become extra `curl` arguments; the `QLIK_API_KEY` header goes with whatever request results. Since `LIMIT` is a count, reject anything that is not a decimal integer before it reaches `curl`, for example `expr "$LIMIT" : '[0-9][0-9]*$' >/dev/null \|\| exit 1`, and quote the expansion. For free-text query values, URL-encode via an argument rather than inside the `-c` string: `python3 -c 'import sys, urllib.parse; print(urllib.parse.quote_plus(sys.argv[1]))' "$VAR"`. | LLM | scripts/qlik-answers-assistants.sh:20 |
| HIGH | Command Injection via unescaped argument in JSON payload. The script embeds the user-supplied `APP_ID` into the JSON body of the `curl` request without JSON encoding. A value containing `"` or `\` (e.g. `foo"; $(evil_command); echo "`) breaks the JSON structure, so the caller can add or alter fields in the request body or make the request fail; the `QLIK_API_KEY` header goes with the manipulated request. Breaking the JSON does not by itself execute shell commands: the shell inserts the variable's contents literally and does not re-parse `$(...)` inside them, so command execution would require an `eval` or a second shell that this finding does not show. Build the body with a JSON encoder that receives the value as data, e.g. `jq -n --arg id "$APP_ID" '{appId: $id}'`, or feed the value on stdin to the scanner's suggested `python3 -c "import sys,json; print(json.dumps(sys.stdin.read().strip()))"`; never paste the raw variable between quotes in the JSON string. | LLM | scripts/qlik-reload.sh:30 |
| HIGH | Command Injection via unescaped argument in JSON payload. The script embeds the user-supplied `SPACE_ID` into the JSON body of the `curl` request without JSON encoding. A value containing `"` or `\` (e.g. `foo"; $(evil_command); echo "`) breaks the JSON structure, so the caller can add or alter fields in the request body or make the request fail; the `QLIK_API_KEY` header goes with the manipulated request. As for `APP_ID` above, this is JSON injection, not shell command execution, unless the script also passes the string through `eval` or a second shell. Build the body with `jq -n --arg id "$SPACE_ID" '{spaceId: $id}'` or the stdin-based `json.dumps` one-liner, with the value supplied as data rather than spliced into the command text. | LLM | scripts/qlik-app-create.sh:28 |
| HIGH | Python String Injection via unescaped argument. The script embeds the user-supplied `APP_ID` directly into a Python source string without escaping. If `APP_ID` contains triple single quotes (`'''`), the literal ends early and the remainder of the value is parsed as Python code, which is code execution in the interpreter process, not only unexpected behaviour or denial of service. Do not build Python source from shell variables: pass the value as an environment variable (as the same script already does later) or as a `sys.argv` entry, or encode it with `json.dumps` before embedding. | LLM | scripts/qlik-insight.sh:43 |
| MEDIUM | Sensitive environment variable access: $USER. Access to the environment variable `$USER` detected in shell context. Verify that reading it is necessary and that the value is not sent off the host. | Static | skills/fianabates1/qlik/scripts/qlik-user-get.sh:16 |
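The hardened form of the request assembly the HIGH findings describe, as an added example (this is not code from the qlik-cloud skill or from SkillShield): an id allowlist, percent-encoding of a URL path segment, JSON encoding of a body value, and a `curl` call whose inputs cannot become options or redirect the request. The environment variable names `QLIK_TENANT_URL` and `QLIK_API_KEY`, the endpoint paths and the `appId` field name are assumptions (only `QLIK_API_KEY` appears in the findings). The encoders are plain shell so the script needs neither python3 nor jq.

```shell
#!/usr/bin/env bash
# Added example, not code from the scanned skill. Assumed names: QLIK_TENANT_URL
# and QLIK_API_KEY environment variables; the endpoint paths and the JSON field
# name are illustrative, not taken from the skill's scripts.

# Percent-encode one URL path segment, keeping only the RFC 3986 unreserved
# characters. Runs under LC_ALL=C, so UTF-8 input is encoded byte by byte.
url_encode_segment() {
  local LC_ALL=C s="$1" out='' c
  while [ -n "$s" ]; do
    c=${s%"${s#?}"}                      # first character of what is left
    s=${s#?}
    case $c in
      [A-Za-z0-9._~-]) out="$out$c" ;;
      *) out="$out$(printf '%%%02X' "'$c")" ;;   # "'X" gives X's byte value
    esac
  done
  printf '%s\n' "$out"
}

# Encode a shell string as a JSON string literal. A value such as
#   foo"; $(evil); echo "
# comes out as "foo\"; $(evil); echo \"": the quotes no longer close the JSON
# string, and $(evil) is never evaluated, because the shell performs command
# substitution on script text only, never on the contents of a variable.
json_string() {
  local LC_ALL=C s="$1" out='' c nl tab cr
  nl=$(printf '\n.'); nl=${nl%.}         # literal newline ('.' stops $() trimming it)
  tab=$(printf '\t'); cr=$(printf '\r')
  while [ -n "$s" ]; do
    c=${s%"${s#?}"}
    s=${s#?}
    case $c in
      \\)          out="$out\\\\" ;;
      \")          out="$out\\\"" ;;
      "$nl")       out="$out\\n" ;;
      "$tab")      out="$out\\t" ;;
      "$cr")       out="$out\\r" ;;
      [[:cntrl:]]) out="$out$(printf '\\u%04x' "'$c")" ;;
      *)           out="$out$c" ;;
    esac
  done
  printf '"%s"\n' "$out"
}

# Allowlist check for resource ids. The accepted character set is an assumption
# for this example; take the real id format from the Qlik Cloud API docs. A
# leading '-' is refused so even an unquoted expansion could never be read as a
# curl option.
valid_id() {
  case $1 in
    '' | -* | *[!A-Za-z0-9_-]*) return 1 ;;
    *) return 0 ;;
  esac
}

# URL for one app: validated id, then percent-encoded as a path segment, so
# '/', '?', '#' or '..' in the input cannot steer the request to another
# endpoint. Prints nothing and returns 1 on a bad id.
qlik_app_url() {
  local base="${1%/}" id="$2"
  valid_id "$id" || { printf 'invalid id: %s\n' "$id" >&2; return 1; }
  printf '%s/api/v1/apps/%s\n' "$base" "$(url_encode_segment "$id")"
}

# JSON body for a reload request, built from an encoded value instead of
# pasting the raw variable between quotes. It always starts with '{', so the
# "@file" form of --data cannot be triggered by the value either.
qlik_reload_body() {
  valid_id "$1" || return 1
  printf '{"appId": %s}\n' "$(json_string "$1")"
}

# Send the reload. --url keeps the URL from ever being parsed as an option and
# every expansion is double-quoted, so nothing in a value is word-split into
# extra curl arguments. The API key travels in a header, never in the URL.
qlik_reload() {
  local body
  body=$(qlik_reload_body "$1") || return 1
  curl --silent --show-error --fail \
       --url "${QLIK_TENANT_URL%/}/api/v1/reloads" \
       --header "Authorization: Bearer $QLIK_API_KEY" \
       --header 'Content-Type: application/json' \
       --data "$body"
}

# usage: QLIK_TENANT_URL=https://tenant.example.com QLIK_API_KEY=... qlik_reload "$APP_ID"
```

The allowlist does most of the work for ids; the two encoders matter for free-text values (a question to an assistant, a search string) that cannot be restricted to a safe character set. Either way the value is handed to the encoder as an argument, never spliced into the text of a `python3 -c` or `eval` string, which is the mistake the scanner's own suggested fix repeats.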
Full report: https://skillshield.io/report/72110c110678d7fb (powered by SkillShield).