Security Audit
RioTheGreat-ai/agentfund-skill:root
github.com/RioTheGreat-ai/agentfund-skill
Trust Assessment
RioTheGreat-ai/agentfund-skill:root received a trust score of 49/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 5 findings: 0 critical, 2 high, 3 medium, and 0 low severity. Key findings include "Missing required field: name", "Command Injection via 'bc' arithmetic", and "Reflected Command Injection in User Instructions".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The Static Code Analysis layer scored lowest at 49/100, indicating areas for improvement.
Last analyzed on February 28, 2026 (commit 529bc991). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (5)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Command Injection via 'bc' arithmetic: The script directly uses the user-provided milestone amount (`$amt`) in an arithmetic calculation piped to `bc`. If a user provides input containing shell command substitutions (e.g., `$(evil_command)`), the shell will execute the injected command before passing the result to `bc`. Sanitize user input to ensure it contains only valid numeric characters before performing arithmetic operations. Alternatively, use a safer method for floating-point arithmetic in shell scripts that does not involve direct shell evaluation of input, or strictly validate the input format. | Static | scripts/create-proposal.sh:19 |
| HIGH | Command Injection via 'bc' arithmetic: The script directly uses the user-provided ETH amount (`$AMOUNT_ETH`) in an arithmetic calculation piped to `bc`. If a user provides input containing shell command substitutions (e.g., `$(evil_command)`), the shell will execute the injected command before passing the result to `bc`. Sanitize user input to ensure it contains only valid numeric characters before performing arithmetic operations. Alternatively, use a safer method for floating-point arithmetic in shell scripts that does not involve direct shell evaluation of input, or strictly validate the input format. | Static | scripts/fund-project.sh:17 |
| MEDIUM | Missing required field: name. The 'name' field is required for claude_code skills but is missing from the frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | SKILL.md:1 |
| MEDIUM | Reflected Command Injection in User Instructions: The script constructs a `cast send` command string for the user to execute, incorporating user-provided input (`$PROJECT_ID`, `$AMOUNT_ETH`) without sanitization. If the user's input contains shell metacharacters and they copy-paste and execute the suggested command, it could lead to command injection on their local system. Sanitize or escape user-provided variables (`$PROJECT_ID`, `$AMOUNT_ETH`) when constructing command examples for the user. Alternatively, add a prominent warning to the user about the dangers of executing commands with untrusted input. | Static | scripts/fund-project.sh:29 |
| MEDIUM | Reflected Command Injection in User Instructions: The script constructs a `cast send` command string for the user to execute, incorporating user-provided input (`$PROJECT_ID`, `$MILESTONE`) without sanitization. If the user's input contains shell metacharacters and they copy-paste and execute the suggested command, it could lead to command injection on their local system. Sanitize or escape user-provided variables (`$PROJECT_ID`, `$MILESTONE`) when constructing command examples for the user. Alternatively, add a prominent warning to the user about the dangers of executing commands with untrusted input. | Static | scripts/request-release.sh:42 |
Full report: https://skillshield.io/report/df7181d07bfdbce4 (powered by SkillShield)