Trust Assessment
stegstr received a trust score of 66/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 0 critical, 2 high, 1 medium, and 0 low severity. Key findings include Sensitive environment variable access: $HOME, Environment variable used in shell command without sanitization, Unpinned Git repository clone and source override via environment variable.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Environment variable used in shell command without sanitization The `install.sh` script uses the `REPO_URL` environment variable directly in a `git clone` command. If an attacker can control the `STEGSTR_REPO_URL` environment variable, they could inject shell metacharacters (e.g., `;`, `&`, `|`) into the URL, leading to arbitrary command execution on the host system. Avoid using unsanitized environment variables directly in shell commands. If dynamic repository URLs are necessary, implement strict validation to ensure the URL is well-formed and does not contain shell metacharacters. Consider using a fixed, hardcoded repository URL or a more secure method for dynamic source fetching. | LLM | install.sh:14 | |
| HIGH | Unpinned Git repository clone and source override via environment variable The `install.sh` script clones the `Stegstr` repository using `git clone "$REPO_URL" "$INSTALL_DIR"`.
1. The `REPO_URL` defaults to `https://github.com/brunkstr/Stegstr.git` but can be overridden by the `STEGSTR_REPO_URL` environment variable. This allows an attacker to substitute the entire source repository with a malicious one if they can control the environment, leading to a supply chain attack.
2. The `git clone` command does not specify a particular commit hash, tag, or branch (e.g., `--branch <tag>`). This means the installed code is not pinned and can change over time, introducing potential vulnerabilities if the upstream repository is compromised or malicious changes are introduced to the default branch. 1. Disallow overriding the repository URL via environment variables, or implement strict validation for its value. 2. Pin the Git repository to a specific commit hash or tag (e.g., `git clone --depth 1 --branch <tag_or_hash> ...`) to ensure deterministic builds and prevent unexpected code changes. | LLM | install.sh:9 | |
| MEDIUM | Sensitive environment variable access: $HOME Access to sensitive environment variable '$HOME' detected in shell context. Verify this environment variable access is necessary and the value is not exfiltrated. | Static | skills/brunkstr/stegstr/install.sh:6 |
Scan History
Embed Code
[](https://skillshield.io/report/b03f14268980daea)
Powered by SkillShield