Trust Assessment
wienerlinien received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 4 findings: 4 critical, 0 high, 0 medium, and 0 low severity. Key findings include Command Injection via unsanitized user input in URL parameter, Command Injection via unsanitized user input in `grep` command.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 0/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (4)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Command Injection via unsanitized user input in URL parameter: The `departures.sh` script constructs a URL by directly concatenating user-provided `STOP_ID` values from command-line arguments (`$@`) into the `PARAMS` variable. This `PARAMS` variable is then interpolated into the `URL` string, which is subsequently executed by `curl`. An attacker can inject shell metacharacters (e.g., `;`, `|`, `&`, `$()`, `` ` ``) into the `STOP_ID` arguments, leading to arbitrary command execution on the host system. User input must be properly URL-encoded before being included in the URL string. For shell scripts, this often involves using a utility to encode the string or ensuring that arguments are passed to `curl` in a way that prevents shell interpretation (e.g., using `--data-urlencode` for POST requests, or manually encoding for GET parameters). | LLM | departures.sh:17 |
| CRITICAL | Command Injection via unsanitized user input in URL parameter: The `disruptions.sh` script constructs a URL by directly concatenating user-provided `LINE` values from command-line arguments (`$@`) into the `PARAMS` variable. This `PARAMS` variable is then interpolated into the `URL` string, which is subsequently executed by `curl`. An attacker can inject shell metacharacters (e.g., `;`, `|`, `&`, `$()`, `` ` ``) into the `LINE` arguments, leading to arbitrary command execution on the host system. User input must be properly URL-encoded before being included in the URL string. For shell scripts, this often involves using a utility to encode the string or ensuring that arguments are passed to `curl` in a way that prevents shell interpretation (e.g., using `--data-urlencode` for POST requests, or manually encoding for GET parameters). | LLM | disruptions.sh:13 |
| CRITICAL | Command Injection via unsanitized user input in URL parameter: The `elevators.sh` script directly interpolates the first command-line argument (`$1`) into the `URL` string. This `URL` is then executed by `curl`. An attacker can inject shell metacharacters (e.g., `;`, `|`, `&`, `$()`, `` ` ``) into `$1`, leading to arbitrary command execution on the host system. User input must be properly URL-encoded before being included in the URL string. For shell scripts, this often involves using a utility to encode the string or ensuring that arguments are passed to `curl` in a way that prevents shell interpretation (e.g., using `--data-urlencode` for POST requests, or manually encoding for GET parameters). | LLM | elevators.sh:9 |
| CRITICAL | Command Injection via unsanitized user input in `grep` command: The `search-stop.sh` script directly interpolates the user-provided `QUERY` variable (from `$1`) into the `grep -i "$QUERY"` command. An attacker can inject shell metacharacters (e.g., `;`, `|`, `&`, `$()`, `` ` ``) into the `QUERY` argument, leading to arbitrary command execution on the host system. User input must be properly quoted or sanitized when used as an argument to shell commands. For `grep`, using `grep -F` (fixed strings) is recommended if exact matching is desired, as it treats the pattern as a literal string and prevents interpretation of special regex characters or shell metacharacters. If regex matching is strictly required, the input must be explicitly escaped for regex special characters. | LLM | search-stop.sh:15 |
Full report: https://skillshield.io/report/e7bb47c2327c4a10