Trust Assessment
shared-memory received a trust score of 28/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 5 findings: 1 critical, 2 high, 2 medium, and 0 low severity. Key findings include Sensitive path access: AI agent config, Sensitive environment variable access: $HOME, Sensitive environment variable access: $USER.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The Static Code Analysis layer scored lowest at 56/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings5
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Shell Command Injection via Unsanitized User Input The `shared-memory.sh` script directly interpolates user-supplied command-line arguments (e.g., username, group name, key pattern) into strings that are then used to construct JSON payloads. Because these arguments are not sanitized or escaped before interpolation, if they contain shell metacharacters (such as `$(command)` or backticks), the shell will execute these commands before passing the resulting string to `curl`. This allows an attacker to execute arbitrary commands on the system where the skill is run. User-supplied arguments must be properly sanitized and JSON-escaped before being interpolated into shell commands or JSON strings. A robust solution involves using a dedicated JSON parsing utility like `jq` to construct the JSON payload, which handles proper escaping of special characters automatically. Alternatively, manually escape all double quotes and backslashes in the input variables before embedding them into the JSON string. | LLM | scripts/shared-memory.sh:50 | |
| HIGH | Sensitive path access: AI agent config Access to AI agent config path detected: '~/.clawdbot/'. This may indicate credential theft. Verify that access to this sensitive path is justified and declared. | Static | skills/christinetyip/shared-memory/SKILL.md:90 | |
| HIGH | Sensitive path access: AI agent config Access to AI agent config path detected: '~/.clawdbot/'. This may indicate credential theft. Verify that access to this sensitive path is justified and declared. | Static | skills/christinetyip/shared-memory/SKILL.md:93 | |
| MEDIUM | Sensitive environment variable access: $HOME Access to sensitive environment variable '$HOME' detected in shell context. Verify this environment variable access is necessary and the value is not exfiltrated. | Static | skills/christinetyip/shared-memory/scripts/shared-memory.sh:33 | |
| MEDIUM | Sensitive environment variable access: $USER Access to sensitive environment variable '$USER' detected in shell context. Verify this environment variable access is necessary and the value is not exfiltrated. | Static | skills/christinetyip/shared-memory/scripts/shared-memory.sh:81 |
Scan History
Embed Code
[](https://skillshield.io/report/790842dfa7b8d1aa)
Powered by SkillShield