First Seen
Feb 18, 2026
Last Scanned
Feb 20, 2026
Findings
4
Score
92/100
Findings (4)
Detects skills instructing agents to use Bash/shell tools for command execution
use the Bash tool to executeRestrict the shell tool to specific allowlisted commands using a command prefix or regex filter. Avoid granting broad shell access in agent tool definitions.
Likely FP if the skill is a development environment tool where shell access is the intended and documented core feature.
Detects execution of shell script files via bash/sh command or direct invocation
bash /Users/jamesrochabrun/Desktop/skills/skills/math-teacher/scripts/generate_game.shReplace direct shell script execution with a language-native implementation or a sandboxed executor. If shell scripts must run, restrict them to a vetted allowlist with integrity checks.
Likely FP if the match references running a script that is part of the skill's own repository (e.g., ./setup.sh) with clear, auditable contents.
Detects execution of shell script files via bash/sh command or direct invocation
bash /Users/jamesrochabrun/Desktop/skills/skills/math-teacher/scripts/generate_playground.shReplace direct shell script execution with a language-native implementation or a sandboxed executor. If shell scripts must run, restrict them to a vetted allowlist with integrity checks.
Likely FP if the match references running a script that is part of the skill's own repository (e.g., ./setup.sh) with clear, auditable contents.
Detects execution of shell script files via bash/sh command or direct invocation
bash /Users/jamesrochabrun/Desktop/skills/skills/math-teacher/scripts/generate_quiz.shReplace direct shell script execution with a language-native implementation or a sandboxed executor. If shell scripts must run, restrict them to a vetted allowlist with integrity checks.
Likely FP if the match references running a script that is part of the skill's own repository (e.g., ./setup.sh) with clear, auditable contents.