Skip to main content

shell-scripting-bash-pro

Enhances Bash scripting for production automation and CI/CD with best practices for safety, portability, and testing.

Install this skill

or
0/100

Security score

The shell-scripting-bash-pro skill was audited on Feb 27, 2026 and we found 18 security issues across 2 threat categories, including 13 high-severity. Review the findings below before installing.

Categories Tested

Security Issues

high line 50

Template literal with variable interpolation in command context

SourceSKILL.md
50- Validate inputs with `: "${VAR:?message}"` for required environment variables
high line 55

Template literal with variable interpolation in command context

SourceSKILL.md
55- Implement robust script directory detection: `SCRIPT_DIR="$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" && pwd -P)"`
high line 99

Template literal with variable interpolation in command context

SourceSKILL.md
99- Validate environment variables before using: `: "${REQUIRED_VAR:?not set}"`
high line 106

Template literal with variable interpolation in command context

SourceSKILL.md
106- Use Bash built-ins over external commands: `[[ ]]` instead of `test`, `${var//pattern/replacement}` instead of `sed`
high line 134

Template literal with variable interpolation in command context

SourceSKILL.md
134- **Bash 5.0**: Associative array improvements, `${var@U}` uppercase conversion, `${var@L}` lowercase
high line 135

Template literal with variable interpolation in command context

SourceSKILL.md
135- **Bash 5.1**: Enhanced `${parameter@operator}` transformations, `compat` shopt options for compatibility
high line 137

Template literal with variable interpolation in command context

SourceSKILL.md
137- Check version before using modern features: `[[ ${BASH_VERSINFO[0]} -ge 5 && ${BASH_VERSINFO[1]} -ge 2 ]]`
high line 138

Template literal with variable interpolation in command context

SourceSKILL.md
138- Use `${parameter@Q}` for shell-quoted output (Bash 4.4+)
high line 139

Template literal with variable interpolation in command context

SourceSKILL.md
139- Use `${parameter@E}` for escape sequence expansion (Bash 4.4+)
high line 140

Template literal with variable interpolation in command context

SourceSKILL.md
140- Use `${parameter@P}` for prompt expansion (Bash 4.4+)
high line 141

Template literal with variable interpolation in command context

SourceSKILL.md
141- Use `${parameter@A}` for assignment format (Bash 4.4+)
high line 272

Template literal with variable interpolation in command context

SourceSKILL.md
272- **Parameter Expansion**: `${filename%.sh}` remove extension, `${path##*/}` basename, `${text//old/new}` replace all
high line 275

Template literal with variable interpolation in command context

SourceSKILL.md
275- **Co-processes**: `coproc proc { cmd; }; echo "data" >&"${proc[1]}"; read -u "${proc[0]}" result` for bidirectional pipes
low line 290

External URL reference

SourceSKILL.md
290- [Google Shell Style Guide](https://google.github.io/styleguide/shellguide.html) - Comprehensive style guide covering quoting, arrays, and when to use shell
low line 291

External URL reference

SourceSKILL.md
291- [Bash Pitfalls](https://mywiki.wooledge.org/BashPitfalls) - Catalog of common Bash mistakes and how to avoid them
low line 292

External URL reference

SourceSKILL.md
292- [Bash Hackers Wiki](https://wiki.bash-hackers.org/) - Comprehensive Bash documentation and advanced techniques
low line 293

External URL reference

SourceSKILL.md
293- [Defensive BASH Programming](https://www.kfirlavi.com/blog/2012/11/14/defensive-bash-programming/) - Modern defensive programming patterns
low line 301

External URL reference

SourceSKILL.md
301- [bashly](https://bashly.dannyb.co/) - Modern Bash CLI framework generator
Scanned on Feb 27, 2026
View Security Dashboard
Installation guide →
GitHub Stars 2
Rate this skill
Categorydevelopment
UpdatedMay 21, 2026
openclawdevopsbackenddevops-srebackend-developertechnical-pmdevelopmentproduct
diegosouzapw/awesome-omni-skill