Trust Assessment
clawdbot-release-check received a trust score of 68/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 5 findings: 0 critical, 0 high, 5 medium, and 0 low severity. Key findings include Sensitive environment variable access: $HOME, Insecure temporary file creation in check.sh, Insecure temporary file creation in setup.sh.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on July 1, 2026 (commit a4d31ad1). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings5
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Sensitive environment variable access: $HOME Access to sensitive environment variable '$HOME' detected in shell context. Verify this environment variable access is necessary and the value is not exfiltrated. | Static | clawdbot/clawdbot-release-check/scripts/check.sh:7 | |
| MEDIUM | Sensitive environment variable access: $HOME Access to sensitive environment variable '$HOME' detected in shell context. Verify this environment variable access is necessary and the value is not exfiltrated. | Static | clawdbot/clawdbot-release-check/scripts/setup.sh:43 | |
| MEDIUM | Insecure temporary file creation in check.sh The script writes to a predictable temporary file path `/tmp/cache-update.json` in the shared `/tmp` directory. A local attacker could exploit this via a symlink attack to overwrite arbitrary files owned by the user running the script. Use `mktemp` to create a secure temporary file, or write the temporary file to a secure user-owned directory like `$STATE_DIR`. | LLM | scripts/check.sh:131 | |
| MEDIUM | Insecure temporary file creation in setup.sh The setup script writes to a predictable temporary file path `/tmp/cron-updated.json` in the shared `/tmp` directory. A local attacker could exploit this via a symlink attack to overwrite arbitrary files owned by the user running the script. Use `mktemp` to create a secure temporary file, or write the temporary file to a secure user-owned directory like `${HOME}/.clawdbot`. | LLM | scripts/setup.sh:46 | |
| MEDIUM | Repository mismatch between manifest and script implementation The skill manifest and description claim to check for 'OpenClaw' releases (pointing to `https://github.com/openclaw/openclaw`), but the actual script implementation queries the GitHub API for `clawdbot/clawdbot` and references `clawdbot` directories. This mismatch could mislead users into monitoring or trusting the wrong repository. Align the repository URL and names in the scripts with the official OpenClaw repository specified in the manifest, or update the manifest to accurately reflect the monitored repository. | LLM | scripts/check.sh:15 |
Scan History
Embed Code
[](https://skillshield.io/report/9fa229e7b141e8c2)
Powered by SkillShield