Security Audit
caam
github.com/Mrc220/agent_flywheel_clawdbot_skills_and_integrations
Trust Assessment
caam received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 2 findings: 1 critical, 1 high, 0 medium, and 0 low severity. Key findings include Supply Chain Risk: Unverified Source and Unpinned Remote Execution, Supply Chain Risk: Unpinned Go Module Installation.
The analysis covered 4 layers: manifest_analysis, llm_behavioral_safety, static_code_analysis, and dependency_graph. The llm_behavioral_safety layer scored lowest at 55/100, indicating where the skill most needs improvement.
Last analyzed on February 11, 2026 (commit c7bd8e0f). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Supply Chain Risk: Unverified Source and Unpinned Remote Execution. The skill's metadata indicates it is from 'https://github.com/Mrc220/agent_flywheel_clawdbot_skills_and_integrations'. However, the recommended installation method instructs the user to download and execute a script directly from a different, unverified GitHub repository ('https://raw.githubusercontent.com/Dicklesworthstone/coding_agent_account_manager/main/install.sh'). This discrepancy creates a significant supply chain risk, as the user is directed to install software from a source not directly associated with the skill's declared origin. Furthermore, the installation command uses `curl ... \| bash`, which pipes a remote script directly into the shell without prior review, and includes a cache-busting mechanism (`?$(date +%s)`) that prevents pinning to a specific version, meaning the script's content could change maliciously at any time without user awareness. Ensure the installation source matches the skill's declared repository. Pin the installation script to a specific commit hash or version tag to prevent unexpected changes. Avoid piping remote scripts directly to `bash`; instead, recommend downloading, reviewing, and then executing the script. | Unknown | SKILL.md:60 |
| HIGH | Supply Chain Risk: Unpinned Go Module Installation. The alternative installation method using `go install` specifies `@latest` for the module version. This means the installation will always fetch the most recent version of the `caam` tool, which introduces a supply chain risk. If a malicious update is pushed to the `main` branch of the `Dicklesworthstone/coding_agent_account_manager` repository, users following this instruction would automatically install it without explicit review or version control. Recommend pinning the Go module installation to a specific version tag (e.g., `@v1.2.3`) or commit hash to ensure reproducible and verifiable builds, mitigating the risk of unexpected or malicious updates. | Unknown | SKILL.md:270 |