What does this skill prevent?

It prevents command injection vulnerabilities where malicious input could execute unauthorized commands via subshells, backticks, or variable expansion.

Does this validation break normal shell script usage?

No, it is designed to allow normal text, spaces, and common punctuation while only blocking specific syntax patterns that are common vectors for shell attacks.

Which patterns are specifically rejected?

The skill identifies and rejects newlines, backticks (`), command substitution ($()), and variable expansion (${}) to ensure input is treated as literal text.

Where should I place the validation code in my script?

Validation should be placed immediately after argument parsing is complete and before the input is passed to any function, subshell, or external command.

Shell Script Input Validation

Name: Shell Script Input Validation
Author: manifoldlogic

bymanifoldlogic

0•

セキュリティとテスト

Protects shell scripts from command injection vulnerabilities by validating user-provided input against dangerous patterns.

This skill provides a standardized pattern for securing shell scripts that accept user input, such as task descriptions or file paths. It implements specific validation checks to detect and reject dangerous patterns including newline injection, command substitution (backticks and $() syntax), and variable expansion (${}). By integrating these checks early in the script execution flow, developers can prevent malicious strings from being executed in subshells or external programs, ensuring robust security for automated environments and multi-user scripts.

主な機能

01Command injection prevention

02Detection of backticks and subshell syntax

030 GitHub stars

04Standardized error reporting integration

05Variable expansion protection

06Newline injection validation

ユースケース

01Hardening DevOps scripts that process dynamic user parameters

02Securing shell-based wrappers for CLI tools

03Validating task descriptions in automation scripts

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add manifoldlogic/claude-code-plugins shell-script-input-validation

For use in Claude.ai and ChatGPT

主な機能

01Command injection prevention

02Detection of backticks and subshell syntax

030 GitHub stars

04Standardized error reporting integration

05Variable expansion protection

06Newline injection validation

ユースケース

01Hardening DevOps scripts that process dynamic user parameters

02Securing shell-based wrappers for CLI tools

03Validating task descriptions in automation scripts

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add manifoldlogic/claude-code-plugins shell-script-input-validation

For use in Claude.ai and ChatGPT