Trust Assessment
xmtp-cli-debug received a trust score of 90/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Potential Command Injection via XMTP CLI arguments.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Potential Command Injection via XMTP CLI arguments The skill describes executing `xmtp debug` commands with arguments such as `--address` and `--inbox-id`. If these arguments are derived directly from untrusted user input without proper sanitization or validation, an attacker could inject malicious shell commands. This could lead to arbitrary code execution on the host system, compromising the agent or its environment. Ensure all user-provided arguments passed to `xmtp` CLI commands are strictly validated and sanitized. When executing external commands, use a safe method like `subprocess.run` with `shell=False` and pass arguments as a list, rather than constructing a shell command string via direct interpolation. Implement robust input validation to restrict argument values to expected formats (e.g., valid Ethereum addresses or inbox IDs). | LLM | SKILL.md:20 |
Scan History
Embed Code
[](https://skillshield.io/report/4fdabf1ade43db19)
Powered by SkillShield