Trust Assessment
x-followings-digest received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 1 critical, 1 high, 1 medium, and 0 low severity. The findings are "Unsanitized user input leads to command injection in shell script", "Sensitive X/Twitter credentials exposed to command injection vulnerability", and "Unspecified dependency installation for `bird` CLI".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 48/100; all three findings were raised by that layer.
Last analyzed on February 12, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | **Unsanitized user input leads to command injection in shell script.** `scripts/fetch_followings_tweets.sh` interpolates the user-supplied `$LIMIT` argument (from `$1`) into the `bird` command without validation or quoting. If that command line is re-parsed by the shell (via `eval`, `sh -c`, or an equivalent construct), shell metacharacters in `$LIMIT` such as `;`, `\|`, `&` or `$(...)` execute arbitrary commands on the host; for example, passing `50; rm -rf /` as the first argument would attempt to delete the root directory after the `bird` command. A bare unquoted `$LIMIT` expansion is subject only to word splitting and globbing, so the exploitability depends on how the script builds the command, but the fix is the same either way. Validate `$LIMIT` as a plain decimal integer before use (e.g. `[[ $LIMIT =~ ^[0-9]+$ ]] \|\| exit 1`) and pass it as a single quoted argument (`"$LIMIT"`), never through `eval`. Stripping non-digits with `LIMIT=${LIMIT//[^0-9]/}` also works, but it silently turns `50; rm -rf /` into `50`; rejecting bad input is preferable. Do not rely on `LIMIT=$((LIMIT + 0))` as a sanitizer: bash arithmetic does not error on arbitrary non-numeric input (an unknown name evaluates to 0), and because it evaluates array subscripts, a value such as `a[$(cmd)]` can itself run a command. `printf %q` is appropriate only when the value must remain a free-form string. | LLM | scripts/fetch_followings_tweets.sh:22 |
| HIGH | **Sensitive X/Twitter credentials exposed to command injection vulnerability.** The skill requires the `AUTH_TOKEN` and `CT0` environment variables, which are X/Twitter session tokens, and hands them to the `bird` CLI from `scripts/fetch_followings_tweets.sh`. Through the command injection above (SS-CMD-001), an attacker who controls the limit argument can run arbitrary commands in the script's environment and exfiltrate these variables or any other data the script can reach. Fix SS-CMD-001 first. Beyond that, keep the tokens out of the process environment where possible (a credential store or short-lived tokens), and confirm that `bird` reads them with the minimum scope it needs. | LLM | scripts/fetch_followings_tweets.sh:11 |
| MEDIUM | **Unspecified dependency installation for `bird` CLI.** The skill depends on the `bird` CLI (an X/Twitter client) but gives no specific, secure installation instructions: no recommended version, trusted source, or integrity check. This is a supply chain risk: a user who installs a compromised or look-alike `bird` binary hands it the `AUTH_TOKEN` and `CT0` credentials and arbitrary code execution on their machine. Document a pinned version, a trusted source (e.g. the official GitHub repository), and a verification step (checksum or signature) that fails closed when the downloaded artifact does not match. | LLM | SKILL.md:49 |
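The two remediations the findings ask for, shown together as an added example that is not the skill's own script or SkillShield's output: a validated, quoted limit argument for a wrapper like `fetch_followings_tweets.sh` (with the `eval`-style vulnerable shape beside it for comparison), and a fail-closed checksum check for a pinned `bird` download. The `bird followings --limit` invocation, the version pin, and the release hash are assumptions; `bird` is replaced by a stub that echoes its arguments, and the "download" is a constructed file, so the whole thing runs offline.

```shell
#!/bin/sh
# Added example (not the skill's own script): hardened argument handling for a
# wrapper like fetch_followings_tweets.sh, plus checksum verification for the
# `bird` CLI download. The `bird followings --limit` invocation, the version pin
# and the release hash are assumptions for illustration only.

# --- Finding 1: validate the limit instead of interpolating $1 unchecked ---

# Accept only a plain decimal integer between 1 and 1000. Rejecting bad input is
# safer than stripping it: "50; rm -rf /" should fail loudly, not silently
# become "50". Leading zeros are rejected so no octal ambiguity can arise.
validate_limit() {
    raw=$1
    case $raw in
        ''|*[!0-9]*|0*) return 1 ;;   # empty, any non-digit, or a leading zero
    esac
    [ ${#raw} -le 4 ] || return 1     # bound the length before any numeric compare
    [ "$raw" -le 1000 ] || return 1
    printf '%s\n' "$raw"
}

# Stub standing in for the real `bird` CLI so the example runs offline; it echoes
# the arguments it receives, one per line. This shadows any `bird` on PATH.
bird() { printf '%s\n' "$@"; }

# Vulnerable shape, as the finding describes it: the command line containing the
# user's value is handed back to the shell, so metacharacters are re-parsed.
fetch_vulnerable() {
    eval "bird followings --limit $1"
}

# Hardened shape: validate first, then pass the value as one quoted argument.
# Never eval; do not "sanitize" with $((limit + 0)) either, since bash arithmetic
# evaluates array subscripts and a value such as 'a[$(cmd)]' can run cmd.
fetch_hardened() {
    limit=$(validate_limit "$1") || { echo "invalid limit: $1" >&2; return 2; }
    bird followings --limit "$limit"
}

# --- Finding 3: pin the dependency and verify what was downloaded ---

BIRD_VERSION="1.2.3"   # assumed version pin, for illustration
# Assumed digest of the pinned release. For the offline demo it is the SHA-256
# of the constructed string "hello" written to a temp file below.
BIRD_SHA256="2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824"

# Portable SHA-256: coreutils sha256sum where present, otherwise perl's shasum.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# Fail closed: succeed only if the file's digest equals the expected pin.
verify_artifact() {
    file=$1; expected=$2
    actual=$(sha256_of "$file") || return 1
    [ "$actual" = "$expected" ]
}

# Offline stand-in for the install step: a real script would first fetch the
# pinned release (bird-$BIRD_VERSION) from the trusted source, then verify.
# Returns 0 only if the intact artifact verifies and a tampered copy does not.
demo_install_check() {
    tmp=$(mktemp)
    printf 'hello' > "$tmp"                   # constructed "download"
    if verify_artifact "$tmp" "$BIRD_SHA256"; then ok=0; else ok=1; fi
    printf 'x' >> "$tmp"                      # tamper with the artifact
    if verify_artifact "$tmp" "$BIRD_SHA256"; then tampered=0; else tampered=1; fi
    rm -f "$tmp"
    [ "$ok" -eq 0 ] && [ "$tampered" -eq 1 ]
}
```

With the stub in place, `fetch_vulnerable '50; echo INJECTED'` prints `INJECTED` after the three `bird` arguments, while `fetch_hardened` with the same input exits with status 2 before `bird` is ever called; `fetch_hardened 50` passes exactly `followings --limit 50`. The same validation pattern (allow-list the characters, bound the length, then quote) is what SS-CMD-001 needs at the line it flags.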
Full report: https://skillshield.io/report/070e461ef32ed8cb
Powered by SkillShield