Trust Assessment
adhd-founder-planner received a trust score of 58/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 9 findings: 2 critical, 6 high, 1 medium, and 0 low severity. Key findings include: sensitive environment variable access (`$HOME`), command injection via user input in an arithmetic comparison, and command injection via user input in a `case` statement.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 0/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (9)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Command Injection via user input in arithmetic comparison. The `ENERGY` variable, which directly captures user input, is used without sanitization in a shell arithmetic comparison (`[ "$ENERGY" -ge 8 ]`). An attacker can inject arbitrary shell commands by providing input like `8; rm -rf /`, which will be executed by the shell. Sanitize or validate user input for `ENERGY` so that it contains only numeric characters before using it in shell arithmetic. A common approach is `[[ $ENERGY =~ ^[0-9]+$ ]]` to check that it is a number; alternatively cast it to an integer if the shell supports it, or use a safer language for input processing. | LLM | scripts/plan.sh:147 |
| CRITICAL | Command Injection via user input in case statement. The `DOPAMINE_CHOICE` variable, which directly captures user input, is used without sanitization in a shell `case` statement (`case $DOPAMINE_CHOICE in`). An attacker can inject arbitrary shell commands by providing input like `1; rm -rf /`, which will be executed by the shell. Sanitize or validate user input for `DOPAMINE_CHOICE` so that it contains only the expected numeric characters before using it in a `case` statement; for example, check that it is one of the expected numbers (1-7) using a regex or an explicit comparison. | LLM | scripts/plan.sh:178 |
| HIGH | Command Injection via unsanitized user input in `sed -i`. Multiple `sed -i` commands directly embed unsanitized user input (e.g., `$ONE_THING`, `$RAPID_LOG`, `$TASK_ITEM`). An attacker can craft input containing `sed` commands or special characters (such as newlines, backslashes, or the delimiter `\|`) to perform arbitrary file modifications, data exfiltration, or potentially command execution, depending on the `sed` version and environment. This instance uses `$ONE_THING` from user input. Avoid embedding unsanitized user input in `sed` commands; instead read the file line by line, perform the replacement in memory, write the result to a temporary file, and then replace the original. If `sed` must be used, escape every character in the user input that `sed` could interpret (e.g., `&`, `/`, `\`, `\|`, ` `). | LLM | scripts/plan.sh:159 |
| HIGH | Command Injection via unsanitized user input in `sed -i`. Multiple `sed -i` commands directly embed unsanitized user input (e.g., `$ONE_THING`, `$RAPID_LOG`, `$TASK_ITEM`). An attacker can craft input containing `sed` commands or special characters (such as newlines, backslashes, or the delimiter `\|`) to perform arbitrary file modifications, data exfiltration, or potentially command execution, depending on the `sed` version and environment. This instance uses `$RAPID_LOG` from user input. Avoid embedding unsanitized user input in `sed` commands; instead read the file line by line, perform the replacement in memory, write the result to a temporary file, and then replace the original. If `sed` must be used, escape every character in the user input that `sed` could interpret (e.g., `&`, `/`, `\`, `\|`, ` `). | LLM | scripts/plan.sh:196 |
| HIGH | Command Injection via unsanitized user input in `sed -i`. Multiple `sed -i` commands directly embed unsanitized user input (e.g., `$ONE_THING`, `$RAPID_LOG`, `$TASK_ITEM`). An attacker can craft input containing `sed` commands or special characters (such as newlines, backslashes, or the delimiter `\|`) to perform arbitrary file modifications, data exfiltration, or potentially command execution, depending on the `sed` version and environment. This instance uses `$TASK_ITEM` from user input. Avoid embedding unsanitized user input in `sed` commands; instead read the file line by line, perform the replacement in memory, write the result to a temporary file, and then replace the original. If `sed` must be used, escape every character in the user input that `sed` could interpret (e.g., `&`, `/`, `\`, `\|`, ` `). | LLM | scripts/plan.sh:235 |
| HIGH | Command Injection via unsanitized user input in `sed -i`. Multiple `sed -i` commands directly embed unsanitized user input (e.g., `$ONE_THING`, `$RAPID_LOG`, `$TASK_ITEM`). An attacker can craft input containing `sed` commands or special characters (such as newlines, backslashes, or the delimiter `\|`) to perform arbitrary file modifications, data exfiltration, or potentially command execution, depending on the `sed` version and environment. This instance uses `$TASK_TO_MARK` from user input. Avoid embedding unsanitized user input in `sed` commands; instead read the file line by line, perform the replacement in memory, write the result to a temporary file, and then replace the original. If `sed` must be used, escape every character in the user input that `sed` could interpret (e.g., `&`, `/`, `\`, `\|`, ` `). | LLM | scripts/plan.sh:244 |
| HIGH | Command Injection via unsanitized user input in `sed -i`. Multiple `sed -i` commands directly embed unsanitized user input (e.g., `$ONE_THING`, `$RAPID_LOG`, `$TASK_ITEM`). An attacker can craft input containing `sed` commands or special characters (such as newlines, backslashes, or the delimiter `\|`) to perform arbitrary file modifications, data exfiltration, or potentially command execution, depending on the `sed` version and environment. This instance uses `$WIN` from user input. Avoid embedding unsanitized user input in `sed` commands; instead read the file line by line, perform the replacement in memory, write the result to a temporary file, and then replace the original. If `sed` must be used, escape every character in the user input that `sed` could interpret (e.g., `&`, `/`, `\`, `\|`, ` `). | LLM | scripts/plan.sh:264 |
| HIGH | Command Injection via unsanitized user input in `sed -i`. Multiple `sed -i` commands directly embed unsanitized user input (e.g., `$ONE_THING`, `$RAPID_LOG`, `$TASK_ITEM`). An attacker can craft input containing `sed` commands or special characters (such as newlines, backslashes, or the delimiter `\|`) to perform arbitrary file modifications, data exfiltration, or potentially command execution, depending on the `sed` version and environment. This instance uses `$TASK_TO_MIGRATE` from user input. Avoid embedding unsanitized user input in `sed` commands; instead read the file line by line, perform the replacement in memory, write the result to a temporary file, and then replace the original. If `sed` must be used, escape every character in the user input that `sed` could interpret (e.g., `&`, `/`, `\`, `\|`, ` `). | LLM | scripts/plan.sh:285 |
| MEDIUM | Sensitive environment variable access: `$HOME`. Access to the sensitive environment variable `$HOME` was detected in a shell context. Verify that this access is necessary and that the value is not exfiltrated. | Static | skills/jankutschera/adhd-founder-planner/scripts/plan.sh:6 |
Full report: https://skillshield.io/report/72bc19f5ad2a55fd (powered by SkillShield)