Skill

command-injection

Detects OS command injection in JavaScript, TypeScript, Python, Go, Ruby, PHP via shell sinks like exec/system/popen. Traces user input, checks sanitization/argument injection for RCE in CLI wrappers.

Javascript

Typescript

Python

Ruby

security

npx claudepluginhub byamb4/find-cve-agent

Tool Access

This skill uses the workspace's default tool permissions.

Preview

Audit any package that wraps CLI tools, runs build commands, processes files via external programs, or interfaces with git/ffmpeg/imagemagick/pandoc/etc.

Supporting Assets

references/false-positive-indicators.mdreferences/poc-skeleton.mdreferences/sinks.md

SKILL.md

Similar Skills

check-command-injection

Analyzes PHP code for command injection vulnerabilities. Detects unsafe shell_exec, exec, system, passthru, backticks, popen/proc_open with user input and missing escapeshellarg/escapeshellcmd.

acc

security-scan

Scans Python, PowerShell, Bash, and C# files for CWE-22 path traversal and CWE-78 command injection vulnerabilities before PR submission or as pre-commit gate.

3 files

copilot-cli-toolkit

security-scan

Scans Python, PowerShell, Bash, and C# files for CWE-22 path traversal and CWE-78 command injection vulnerabilities using lightweight pattern matching before PR submission or pre-commit.

project-toolkit

Stats

Stars18

Forks2

Last CommitMar 20, 2026

Actions

View Source View Plugin View on GitHub View README

Help us improve

Share bugs, ideas, or general feedback.

Command Injection Detection

When to Use

Audit any package that wraps CLI tools, runs build commands, processes files via external programs, or interfaces with git/ffmpeg/imagemagick/pandoc/etc.

CVSS is typically CRITICAL 9.8 for confirmed RCE.

Key Distinctions

Command Injection vs Argument Injection

Command injection: Attacker breaks out of the intended command entirely (; rm -rf /)
Argument injection: Attacker adds flags to the intended command (--upload-pack=malicious)
Both are reportable. Command injection is CRITICAL, argument injection is HIGH.

Shell vs No-Shell Execution

Shell execution (exec, system, os.popen): Command string passed to shell interpreter. Metacharacters (;, |, &&, backticks, $()) are interpreted. DANGEROUS.
Direct execution (execFile, spawn without shell, subprocess with list args): Arguments passed directly to the program. No shell interpretation. SAFER but argument injection may still work.

Process

Step 1: Find Shell Execution Sinks

# JavaScript/TypeScript — look for child_process usage
grep -rn "child_process" .
grep -rn "\.exec\('" .
grep -rn "\.execSync\(" .
grep -rn "spawn.*shell.*true" .
grep -rn "shelljs" .

# Python
grep -rn "os\.system\|os\.popen" .
grep -rn "subprocess.*shell.*True" .
grep -rn "commands\.getoutput\|commands\.getstatusoutput" .

# Go
grep -rn 'exec\.Command.*"bash"\|exec\.Command.*"sh"' .

# Ruby
grep -rn "system(\|%x{" . --include="*.rb"
grep -rn "IO\.popen\|Open3" .

# PHP
grep -rn "system(\|passthru(\|shell_exec(\|popen(" .
grep -rn "proc_open\|pcntl_exec" .

Step 2: Trace User Input to Sink

For each sink:

What command string is constructed?
Is any part from user input (HTTP params, filenames, config values)?
Is the user input interpolated into a shell string or passed as an argument array?

Step 3: Check Sanitization

grep -rn "escapeshellarg\|escapeshellcmd\|shlex\.quote\|shellescape" .
grep -rn "sanitize\|escape\|clean\|validate" .

Verify sanitization is:

Applied to ALL user-controlled parts (not just some)
Using the right function (escapeshellarg vs escapeshellcmd)
Not bypassable (blocklists are almost always bypassable)

Step 4: Check for Argument Injection

Even with execFile/spawn (no shell), check for:

--flag injection: user input starts with - or --
Git-specific: --upload-pack, -c core.fsmonitor, --config
Arguments that accept commands: --exec, --filter, --diff-filter
Double-dash (--) separator missing before user-controlled args

Common Vulnerable Patterns

Pattern 1: String Interpolation in Shell Execution

// VULNERABLE — shell interprets metacharacters
const cp = require('child_process');
cp.exec(`convert ${inputFile} ${outputFile}`);
// Exploit: inputFile = "; id; #"

Pattern 2: Filename-Based Injection

cp.exec(`file "${filename}"`);
// Exploit: filename = '$(id).txt' or filename = '"; id; #"'

Pattern 3: Git Argument Injection

// Even without shell, git interprets dangerous flags
cp.execFile('git', ['clone', userUrl, '--config', 'core.fsmonitor=id']);

Pattern 4: Environment Variable Injection

cp.exec(command, { env: { ...process.env, USER_INPUT: untrusted } });
// If command references $USER_INPUT or uses env vars unsafely

Pattern 5: Newline Injection

cp.execFile('program', ['--option=' + userInput]);
// Exploit: userInput = "value\n--dangerous-flag"

Grep Patterns by Vulnerability Type

Direct Shell Injection

grep -rn "exec\(.*\+" .        # String concatenation in exec
grep -rn "exec\(.*\$\{" .      # Template literal in exec
grep -rn "exec\(.*%" .         # Format string in exec (Python)

Argument Injection

grep -rn "execFile\|spawn" .
# Then check if user input is in the args array without -- separator

CVSS Guidance

Unauthenticated RCE: CRITICAL 9.8
Authenticated RCE (low-priv): HIGH 8.8
Argument injection (limited impact): HIGH 7.5-8.1
Requires specific config/setup: HIGH 7.2 (AC:H)

References

Sinks — Shell execution sinks by language
False Positive Indicators — When this isn't exploitable
PoC Skeleton — Command injection PoC template