Trust Assessment
sendgrid received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 3 critical, 0 high, 0 medium, and 0 low severity. Key findings include Command Injection via unescaped variables in curl data, Command Injection via unescaped hostname in DNS lookup, Command Injection via unescaped URL and hostname in curl command.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 10/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Command Injection via unescaped variables in curl data The `send-test-email.sh` script directly interpolates user-controlled variables (`RECIPIENT`, `SUBJECT`, `MESSAGE`, `FROM`) into a JSON payload within a heredoc passed to `curl`. An attacker could inject shell metacharacters (e.g., backticks, double quotes) into these variables, breaking out of the JSON string and executing arbitrary commands on the host system. Use `jq --arg` for safe JSON construction, similar to `send-html-email.sh`, to properly escape all user-controlled input before passing it to `curl`. Alternatively, ensure all variables are strictly validated and sanitized to prevent shell metacharacters. | LLM | scripts/send-test-email.sh:50 | |
| CRITICAL | Command Injection via unescaped hostname in DNS lookup The `verify-inbound-setup.sh` script directly interpolates the user-controlled `HOSTNAME` variable into `nslookup` and `dig` commands. An attacker could inject shell metacharacters (e.g., `;`, `&&`, `|`) into the `HOSTNAME` argument, leading to arbitrary command execution on the host system. Sanitize the `HOSTNAME` variable to ensure it only contains valid domain name characters before passing it to `nslookup` or `dig`. Consider using a dedicated DNS lookup library or a more robust shell function that strictly validates input. | LLM | scripts/verify-inbound-setup.sh:40 | |
| CRITICAL | Command Injection via unescaped URL and hostname in curl command The `verify-inbound-setup.sh` script directly interpolates the user-controlled `WEBHOOK_URL` and `HOSTNAME` variables into a `curl` command. An attacker could inject shell metacharacters into `WEBHOOK_URL` to execute arbitrary commands, or inject double quotes into `HOSTNAME` to break out of the `-F` argument and potentially inject other `curl` options or shell commands. Sanitize `WEBHOOK_URL` to ensure it is a valid URL and `HOSTNAME` to ensure it contains only valid domain name characters. For `curl` arguments, consider using `printf %q` for shell escaping if direct interpolation is unavoidable, or use a more robust method for constructing the command that avoids direct shell interpolation of untrusted input. | LLM | scripts/verify-inbound-setup.sh:84 |
Scan History
Embed Code
[](https://skillshield.io/report/c55986ab8f1d9c5f)
Powered by SkillShield