Trust Assessment
qlik-cloud received a trust score of 10/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 42 findings: 39 critical, 2 high, 1 medium, and 0 low severity. Key findings include "Remote code execution: curl/wget pipe to shell", "Sensitive environment variable access: $USER", and "Python Code Injection via Unescaped Shell Variable".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The Static Code Analysis layer scored lowest at 0/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings (42)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-alert-get.sh:24 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-alert-trigger.sh:24 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-alerts.sh:19 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-answers-ask.sh:36 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-answers-ask.sh:51 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-answers-assistants.sh:19 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-app-create.sh:36 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-app-fields.sh:25 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-app-get.sh:24 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-app-lineage.sh:24 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-apps.sh:20 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-automation-get.sh:24 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-automation-run.sh:24 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-automation-runs.sh:25 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-automations.sh:19 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-automl-deployments.sh:19 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-automl-experiment.sh:24 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-automl-experiments.sh:19 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-datafile.sh:24 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-datafiles.sh:25 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-dataset-get.sh:24 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-datasets.sh:27 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-duplicates.sh:21 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-health.sh:18 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-license.sh:18 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-lineage.sh:37 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-lineage.sh:96 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-lineage.sh:122 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-reload-cancel.sh:24 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-reload-failures.sh:21 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-reload-history.sh:25 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-reload-status.sh:24 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-reload.sh:24 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-search.sh:25 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-spaces.sh:19 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-tenant.sh:18 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-user-get.sh:24 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/undsoul/qlik-cloud/scripts/qlik-users-search.sh:34 |
| CRITICAL | Python Code Injection via Unescaped Shell Variable. User-controlled variables are directly embedded into Python script strings executed via `python3 -c`. If a malicious user provides input containing single quotes (e.g., `foo' + __import__('os').system('evil_command') + 'bar`), it can break out of the string literal and execute arbitrary Python code, leading to command injection on the host system. This pattern is widespread across multiple scripts, including `qlik-answers-ask.sh`, `qlik-app-fields.sh`, `qlik-insight.sh`, `qlik-search.sh`, and many others. To prevent Python code injection, pass user-controlled variables to the Python script as environment variables (e.g., `VAR="$USER_INPUT" python3 -c "import os; var = os.environ.get('VAR')"`) or as command-line arguments (e.g., `python3 -c "import sys; var = sys.argv[1]" "$USER_INPUT"`). If embedding is strictly necessary, ensure the variable is properly escaped for Python string literals using a robust escaping function. | LLM | scripts/qlik-answers-ask.sh:50 |
| HIGH | URL Path/Query Parameter Injection via Unescaped Shell Variable. User-controlled variables are directly embedded into URL paths or query parameters without proper URL encoding. A malicious user could inject URL-breaking characters (e.g., `/`, `?`, `&`, `#`) to alter the intended API endpoint or parameters. This could lead to unauthorized access to different resources, data disclosure, or unexpected API behavior. This pattern is widespread across many scripts, including `qlik-app-fields.sh`, `qlik-reload-history.sh`, `qlik-lineage.sh`, and others. Always URL-encode user-provided path segments and query parameters before embedding them into URLs. Use `urllib.parse.quote` in Python or a similar shell utility (e.g., `jq -sRr @uri`) to ensure all special characters are correctly escaped. | LLM | scripts/qlik-app-fields.sh:27 |
| HIGH | JSON String Injection via Unescaped Shell Variable. User-controlled variables are directly embedded into JSON payloads as string values without proper JSON escaping. A malicious user could inject double quotes or backslashes to break the JSON structure, leading to malformed API requests. This could result in API errors, unintended data manipulation, or potentially command injection if the API endpoint processes the malformed JSON in an insecure way. This pattern is present in scripts like `qlik-reload.sh` and `qlik-app-create.sh`. Always JSON-escape user-provided strings before embedding them into JSON payloads. Use `json.dumps` in Python (as already done for `APP_NAME` and `DESCRIPTION` in `qlik-app-create.sh`) or a similar utility to ensure proper escaping of special characters like double quotes and backslashes. | LLM | scripts/qlik-reload.sh:29 |
| MEDIUM | Sensitive environment variable access: $USER. Access to sensitive environment variable '$USER' detected in shell context. Verify this environment variable access is necessary and the value is not exfiltrated. | Static | skills/undsoul/qlik-cloud/scripts/qlik-user-get.sh:16 |
Full report: https://skillshield.io/report/6a3981ca49d95a83
Powered by SkillShield