Shell Script Admin Safety Reviewer
Review bash and zsh admin scripts for safer quoting, input handling, permissions, and rollout readiness.
- Audit root-level scripts for permission flaws and insecure temp files.
- Generate production readiness checklists and risk notes for change control.
- Modernize legacy shell automation with safer quoting and input validation.
$19.99
· or 100 creditsSecure checkout via Stripe
Included in download
- Audit root-level scripts for permission flaws and insecure temp files.
- Generate production readiness checklists and risk notes for change control.
- terminal automation included
- Ready for Codex CLI
Sample input
Review this script for risks before I deploy it via Jamf: it takes $user_input to clear a cache and writes a log to /tmp/log.sh. Give me a verdict and fix snippets.
Sample output
Verdict: CAUTION [Line 14] Finding: Unquoted variable '$user_input' in 'rm -rf'. Risk: Globbing/Word-splitting. Fix: rm -rf -- "$user_input" [Line 22] Finding: World-readable temp file in /tmp. Fix: Use 'mktemp -t script.XXXXXX'. Rollback: Revert via 'jamf policy -event undo-config'.
Shell Script Admin Safety Reviewer
Review bash and zsh admin scripts for safer quoting, input handling, permissions, and rollout readiness.
$19.99
· or 100 creditsSecure checkout via Stripe
Included in download
- Audit root-level scripts for permission flaws and insecure temp files.
- Generate production readiness checklists and risk notes for change control.
- terminal automation included
- Ready for Codex CLI
- Instant install
Sample input
Review this script for risks before I deploy it via Jamf: it takes $user_input to clear a cache and writes a log to /tmp/log.sh. Give me a verdict and fix snippets.
Sample output
Verdict: CAUTION [Line 14] Finding: Unquoted variable '$user_input' in 'rm -rf'. Risk: Globbing/Word-splitting. Fix: rm -rf -- "$user_input" [Line 22] Finding: World-readable temp file in /tmp. Fix: Use 'mktemp -t script.XXXXXX'. Rollback: Revert via 'jamf policy -event undo-config'.
Screenshots
About This Skill
Defensive review for admin shell scripts
Shell Script Admin Safety Reviewer reviews bash, zsh, and sh admin scripts before deployment. It focuses on maintainable fixes for quoting, input handling, permissions, temporary files, logging, and rollout readiness.
What it checks
- Word splitting, globbing, and command substitution mistakes.
- User input, path, and argument validation.
- Root context, sudo usage, umask, ownership, and file permissions.
- Temporary file hygiene, cleanup, and predictable path concerns.
- Logging patterns that may expose sensitive input.
Boundaries
This is a defensive review tool for authorized scripts. Use redacted examples when private values are present. It does not provide unauthorized access guidance.
Output
You get a ready, caution, or hold verdict, line-focused findings, safer replacement snippets, test cases, and rollback notes.
Use Cases
- Audit root-level scripts for permission flaws and insecure temp files.
- Generate production readiness checklists and risk notes for change control.
- Modernize legacy shell automation with safer quoting and input validation.
- Harden help desk support tools to prevent unintended privilege escalation.
- Create test cases and rollback procedures for infrastructure deployments.
Known Limitations
- Does not perform live environment testing or dynamic analysis. - Cannot detect logic errors in non-standard third-party CLI tools. - Limited effectiveness on obfuscated or minified scripts.
How to Install
mkdir -p ~/.claude/skills && curl -sL https://www.agensi.io/api/install/shell-script-admin-safety-reviewer -o /tmp/shell-script-admin-safety-reviewer.zip && unzip -o /tmp/shell-script-admin-safety-reviewer.zip -d ~/.claude/skills && rm /tmp/shell-script-admin-safety-reviewer.zipFree skills install directly. Paid skills require purchase - use the download button above after buying.
Reviews
No reviews yet - be the first to share your experience.
Only users who have downloaded or purchased this skill can leave a review.
Early access skill
Be the first to review this skill.
Only users who have downloaded or purchased this skill can leave a review.
Security Scanned
Passed automated security review
Permissions
No runtime dependencies. Works with SKILL.md-compatible agents including Claude Code, Codex CLI, Cursor, VS Code Copilot, Gemini CLI, and OpenClaw. Use authorized, redacted scripts when private values are present.