
bash-script-linter

🤖 Agent install commands (curl / MCP / Claude Desktop)
▸ curl one-liner
curl -L -o bash-script-linter.skill "https://aiskillstore.io/v1/agent/skills/15481aa0-1a83-4fd2-957f-ad438a12885c/download?platform=ClaudeCode"
▸ MCP tool call (after registering Skill Store MCP)
{
  "tool": "download_skill",
  "arguments": {
    "skill_id": "15481aa0-1a83-4fd2-957f-ad438a12885c",
    "platform": "ClaudeCode"
  }
}
▸ Claude Desktop / Cursor MCP config (one-time)
{
  "mcpServers": {
    "skill-store": {
      "url": "https://aiskillstore.io/mcp/"
    }
  }
}
📖 Full agent API guide: /llms.txt  ·  MCP server card

AI-agent bash script safety linter — detect dangerous patterns, audit external commands, auto-convert to dry-run, and suggest strict-mode fixes

# bash # shell # security # linter # agent-safety # devops # automation # script

Basic Info

Owner: Admin
Category: Development
Registered: 2026-05-19
Last Updated: 2026-05-19
Latest Version: 1.0.0
Packaged At: 2026-05-19
Vetting Status: approved
Downloads: 4
Checksum (SHA256): de8f772b14dae956a09167e4696769362f36cadfbb215abeb076bd0c97f31ac1

⚡ AGENT INFO USK v3

Capabilities
bash_safety_scan dangerous_command_detection dry_run_conversion external_command_audit strict_mode_validation
Permissions
✗ network
✗ filesystem
✗ subprocess
Interface
type: cli   entry_point: main.py   runtime: python3   call_pattern: stdin_stdout
Agent API
# Fetch the skill schema (lets the agent work out how to call the skill)
GET /v1/agent/skills/15481aa0-1a83-4fd2-957f-ad438a12885c/schema
# Download with automatic per-platform conversion
GET /v1/agent/skills/15481aa0-1a83-4fd2-957f-ad438a12885c/download?platform=OpenClaw
GET /v1/agent/skills/15481aa0-1a83-4fd2-957f-ad438a12885c/download?platform=ClaudeCode
GET /v1/agent/skills/15481aa0-1a83-4fd2-957f-ad438a12885c/download?platform=ClaudeCodeAgentSkill
GET /v1/agent/skills/15481aa0-1a83-4fd2-957f-ad438a12885c/download?platform=Cursor
GET /v1/agent/skills/15481aa0-1a83-4fd2-957f-ad438a12885c/download?platform=GeminiCLI
GET /v1/agent/skills/15481aa0-1a83-4fd2-957f-ad438a12885c/download?platform=CodexCLI
GET /v1/agent/skills/15481aa0-1a83-4fd2-957f-ad438a12885c/download?platform=CustomAgent

Installation

Compatible Platforms any

1. Install the skill using openclaw_skill_manager.py.
python openclaw_skill_manager.py --install bash-script-linter
2. Verify installation.
python openclaw_skill_manager.py --list-installed
3. Install a specific version (optional).
python openclaw_skill_manager.py --install bash-script-linter --version 1.0.0

1. Download the skill package.
curl -o bash-script-linter.skill "https://aiskillstore.io/v1/skills/15481aa0-1a83-4fd2-957f-ad438a12885c/download"
2. Place it in the Claude Code commands directory.
unzip bash-script-linter.skill -d ~/.claude/commands/bash-script-linter/
3. Use it as a slash command in Claude Code.
/bash-script-linter

1. Download the Agent Skills package.
curl -O "https://aiskillstore.io/v1/agent/skills/15481aa0-1a83-4fd2-957f-ad438a12885c/download?platform=ClaudeCodeAgentSkill"
2. Unzip it into the Claude Code skills directory.
unzip bash-script-linter-agent-skill-*.skill -d ~/.claude/skills/bash-script-linter/
3. Restart Claude Code. The skill is auto-loaded at session start; no slash command is needed.

1. Download the Cursor-converted package.
curl -O "https://aiskillstore.io/v1/agent/skills/15481aa0-1a83-4fd2-957f-ad438a12885c/download?platform=Cursor"
2. Unzip and place it in a permanent location.
unzip bash-script-linter-cursor-*.skill -d ~/.cursor/skills/bash-script-linter/
3. Add the MCP server config to .cursor/mcp.json, then restart Cursor.
cat ~/.cursor/skills/bash-script-linter/cursor_mcp_config.json

1. Download the Gemini CLI-converted package.
curl -O "https://aiskillstore.io/v1/agent/skills/15481aa0-1a83-4fd2-957f-ad438a12885c/download?platform=GeminiCLI"
2. Unzip and place it in a permanent location.
unzip bash-script-linter-geminicli-*.skill -d ~/.gemini/skills/bash-script-linter/
3. Add the MCP server config to ~/.gemini/settings.json, then restart Gemini CLI.
cat ~/.gemini/skills/bash-script-linter/gemini_settings_snippet.json

1. Download the Codex CLI-converted package.
curl -O "https://aiskillstore.io/v1/agent/skills/15481aa0-1a83-4fd2-957f-ad438a12885c/download?platform=CodexCLI"
2. Unzip and place it in a permanent location.
unzip bash-script-linter-codexcli-*.skill -d ~/.codex/skills/bash-script-linter/
3. Add the MCP server config to ~/.codex/config.toml, then restart Codex CLI.
cat ~/.codex/skills/bash-script-linter/codex_config_snippet.toml

1. Download the skill package via REST API.
GET https://aiskillstore.io/v1/skills/15481aa0-1a83-4fd2-957f-ad438a12885c/download
2. Place it in your agent platform's skills directory.
cp bash-script-linter.skill ./skills/
3. Fetch platform-specific details via the Install Guide API.
GET https://aiskillstore.io/v1/skills/15481aa0-1a83-4fd2-957f-ad438a12885c/install-guide?platform=CustomAgent

Security Vetting Report

Vetting Result APPROVED

Findings: ["Metadata warning: recommended field missing: 'requirements' (recommended by SKILL.md v2)", "Metadata warning: recommended field missing: 'changelog' (recommended by SKILL.md v2)"]

✅ No security risks found.

AI Review Stage

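Reviewer: gemini
Risk Level: 🟢 Low
Review Summary: A security linter skill that statically analyzes the safety of Bash scripts generated by AI agents and detects risk factors. It complies with its declared permissions and contains no malicious code.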
Reasoning

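1. **Consistency with declared permissions:** The skill metadata explicitly declares `network: false`, `filesystem: false`, and `subprocess: false`. Analysis of the code (`main.py`, `lib/linter.py`) shows that it uses only `sys.stdin`, `sys.stdout`, `os.path` (for loading internal modules) and the `re` module, and uses no external network communication, arbitrary filesystem access, or external process execution at all, so it strictly complies with the declared permissions.
2. **Malicious code:** The core function of this skill is to *detect* dangerous patterns in Bash scripts (e.g. `rm -rf /`, `curl | sh`, `eval`). The code itself consists of static analysis logic, and no code with a malicious purpose such as data theft, system destruction, or obfuscation was found. On the contrary, the purpose of the skill is to strengthen the security of other scripts.
3. **Undeclared external communication:** In line with the `network: false` permission, there is no code that attempts external communication, and network libraries such as `requests`, `urllib`, and `socket` are not used.
4. **Unauthorized collection or transmission of user data:** The skill receives Bash script content from the user, analyzes it statically and locally, and returns the result as JSON. There is no functionality that sends the input script or the analysis results externally or collects them without authorization.
5. **Code quality and fitness for purpose:** The skill's description, examples, and code structure match its purpose (a Bash script safety linter) perfectly. `main.py` handles input/output and action dispatch, and `lib/linter.py` contains the core analysis logic based on regular expressions, so the code is well separated by function. The code is highly readable, and error handling is implemented appropriately.

**Static analysis result:** The provided static analysis result also shows the status 'approved', and the 'red_flags_found', 'obfuscation_warnings', and 'forbidden_exec_files_found' items are all empty, confirming that no additional risk factors were found.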

Version History

Version USK v3 Vetting Status Packaged At Downloads Changelog
v1.0.0 approved 2026-05-19 ⬇ 4

Examples 8

Representative input/output examples for this skill. Agents can use these to understand how to invoke the skill and what output to expect.

Scan dangerous deletion and pipe-to-shell patterns

Detect recursive forced deletion and pipe-to-shell patterns in AI-generated scripts

📥 Input
{
  "action": "scan",
  "script": "Bash script containing recursive forced deletion targeting root and curl output piped to shell"
}
📤 Output
{
  "action": "scan",
  "ok": true,
  "result": {
    "finding_count": 2,
    "findings": [
      {
        "line": 2,
        "message": "Detected critical risk: recursive forced deletion targeting root \u2014 will destroy the filesystem",
        "pattern": "recursive force delete root",
        "risk": "critical"
      },
      {
        "line": 3,
        "message": "Detected critical risk: remote code execution via pipe-to-shell",
        "pattern": "curl/wget pipe to shell",
        "risk": "critical"
      }
    ],
    "max_risk": "critical",
    "safe": false
  }
}
Validate strict mode compliance

Check if script uses set -euo pipefail and proper variable quoting

📥 Input
{
  "action": "validate",
  "script": "#!/bin/bash\nFILE=$1\ncp $FILE /tmp/\n"
}
📤 Output
{
  "action": "validate",
  "ok": true,
  "result": {
    "compliant": false,
    "issue_count": 2,
    "issues": [
      {
        "message": "Script does not use \u0027set -euo pipefail\u0027 or equivalent",
        "rule": "MISSING_STRICT_MODE"
      },
      {
        "line": 3,
        "message": "Unquoted variable: $FILE (use double quotes to prevent word-splitting)",
        "rule": "UNQUOTED_VARIABLE"
      }
    ]
  }
}
Convert script to dry-run safe_mode

Replace destructive commands with echo equivalents for safe preview

📥 Input
{
  "action": "safe_mode",
  "script": "Bash script using strict mode that deletes a temp directory and moves an app directory, then echoes done"
}
📤 Output
{
  "action": "safe_mode",
  "ok": true,
  "result": {
    "commands_neutralized": 2,
    "dry_run_script": "Dry-run version of the script with deletion and move commands replaced by echo statements, prefixed with DRY-RUN header",
    "original_lines": 6
  }
}
Audit external commands and risk scores

List all external binaries used and their associated risk level

📥 Input
{
  "action": "audit",
  "script": "Bash deployment script that uses curl to fetch API data, privilege escalation to restart nginx, ssh for remote operations, and echo for status messages"
}
📤 Output
{
  "action": "audit",
  "ok": true,
  "result": {
    "commands": [
      {
        "name": "curl",
        "reason": "Network access \u2014 can exfiltrate data or fetch malicious content",
        "risk": "medium"
      },
      {
        "name": "privilege_escalation_cmd",
        "reason": "Privilege escalation \u2014 bypasses normal permission checks",
        "risk": "high"
      },
      {
        "name": "ssh",
        "reason": "Remote execution \u2014 executes commands on external host",
        "risk": "high"
      },
      {
        "name": "echo",
        "reason": "Safe output command",
        "risk": "low"
      }
    ],
    "risk_summary": {
      "critical": 0,
      "high": 2,
      "low": 1,
      "medium": 1
    },
    "total_commands": 4
  }
}
Auto-fix suggestions

Suggest automatic fixes for common bash safety issues

📥 Input
{
  "action": "fix",
  "script": "#!/bin/bash\nFILE=$1\nif [ $FILE == \u0027\u0027 ]; then\n  echo error\nfi\ncat $FILE\n"
}
📤 Output
{
  "action": "fix",
  "ok": true,
  "result": {
    "fix_count": 3,
    "fixes": [
      {
        "auto_fixable": true,
        "issue": "Missing strict mode",
        "suggestion": "Add \u0027set -euo pipefail\u0027 after shebang line"
      },
      {
        "auto_fixable": true,
        "issue": "Unquoted variable $FILE at line 2",
        "suggestion": "Change to FILE=\"$1\""
      },
      {
        "auto_fixable": true,
        "issue": "Use of [ ] for string comparison",
        "suggestion": "Use [[ ]] for safer string tests"
      }
    ],
    "patched_script": "Script with strict mode header and quoted variables applied"
  }
}
Clean script passes scan

A well-written script should have no findings

📥 Input
{
  "action": "scan",
  "script": "Bash script with strict mode, quoted variable from arg, file existence check, and wc line count \u2014 no dangerous patterns"
}
📤 Output
{
  "action": "scan",
  "ok": true,
  "result": {
    "finding_count": 0,
    "findings": [],
    "max_risk": "none",
    "safe": true
  }
}
Eval detection

Detect dynamic eval of variables — common in AI-generated scripts

📥 Input
{
  "action": "scan",
  "script": "Bash script that fetches a command string from a remote URL and passes it to eval"
}
📤 Output
{
  "action": "scan",
  "ok": true,
  "result": {
    "finding_count": 1,
    "findings": [
      {
        "message": "eval with variable input is critical risk \u2014 arbitrary code execution",
        "pattern": "eval with variable",
        "risk": "critical"
      }
    ],
    "max_risk": "critical",
    "safe": false
  }
}
Error on missing script field

Returns structured error when script is missing

📥 Input
{
  "action": "scan",
  "script": ""
}
📤 Output
{
  "action": "scan",
  "error": {
    "code": "MISSING_FIELD",
    "message": "Field \u0027script\u0027 must not be empty"
  },
  "ok": false
}

All examples are also available via the agent API: /v1/agent/skills/15481aa0-1a83-4fd2-957f-ad438a12885c/schema
