Security Audit
ntm
github.com/Mrc220/agent_flywheel_clawdbot_skills_and_integrationsTrust Assessment
ntm received a trust score of 68/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 4 findings: 0 critical, 1 high, 2 medium, and 1 low severity. Key findings include Unpinned Remote Script Execution (curl | bash), Unpinned Dependency Installation (Go @latest), Unpinned Docker Image Pull (:latest tag).
The analysis covered 4 layers: llm_behavioral_safety, static_code_analysis, dependency_graph, manifest_analysis. The static_code_analysis layer scored lowest at 69/100, indicating areas for improvement.
Last analyzed on February 11, 2026 (commit c7bd8e0f). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings4
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Unpinned Remote Script Execution (curl | bash) The skill recommends installing the `ntm` tool by piping a remote script directly to `bash`. This method is highly insecure as the script's content can change at any time on the remote server, potentially introducing malicious code without the user's knowledge or consent. There is no version pinning or integrity check. Avoid `curl | bash` for installation. Recommend using a package manager with cryptographic verification, or at minimum, advise users to inspect the script content before execution and provide a checksum for verification. Pin to a specific version or commit hash. | Unknown | SKILL.md:40 | |
| MEDIUM | Unpinned Dependency Installation (Go @latest) The skill recommends installing the `ntm` tool using `go install ...@latest`. This practice pulls the most recent version from the `main` branch, which can change without notice. Future updates to the upstream repository could introduce breaking changes or vulnerabilities without explicit user action to upgrade to a specific, reviewed version. Recommend pinning dependencies to specific versions (e.g., `go install ...@v1.2.3`) to ensure reproducibility and prevent unexpected changes from upstream. Advise users to review release notes before upgrading. | Unknown | SKILL.md:314 | |
| MEDIUM | Unpinned Docker Image Pull (:latest tag) The skill recommends pulling a Docker image using the `:latest` tag. Similar to unpinned Go dependencies, the `latest` tag can be updated at any time, meaning subsequent pulls might retrieve different image contents. This can lead to inconsistent environments, unexpected behavior, or the introduction of vulnerabilities without explicit user awareness. Recommend pulling Docker images by their specific version tags (e.g., `ghcr.io/dicklesworthstone/ntm:1.2.3`) or by their digest (SHA256) to ensure immutability and reproducibility. Advise users to review image contents or release notes before deploying. | Unknown | SKILL.md:317 | |
| LOW | Documentation of Excessive Agent Permissions The skill's configuration example shows agents being launched with flags like `--dangerously-skip-permissions`, `--dangerously-bypass-approvals-and-sandbox`, and `--yolo`. While this is documentation of the `ntm` tool's capabilities and not an action taken by the skill itself, it highlights that the tool can be configured to operate with significantly reduced security controls. Users configuring `ntm` with these options would expose their environment to high risk from the managed AI agents. While this is documentation, it's crucial to emphasize the severe security implications of using such flags. The documentation should strongly warn users against using these flags in production or sensitive environments, and ideally, suggest alternative, more secure configurations or mitigation strategies within the `ntm` tool itself. | Unknown | SKILL.md:290 |
Scan History
Embed Code
[](https://skillshield.io/report/b0214503b2c5b80d)
Powered by SkillShield