Security Audit

ado-sync-judge

github.com/openclaw/skills

AI SkillCommit 13146e6a3d46

TRUSTED

Scanned about 2 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

ado-sync-judge received a trust score of 90/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.

SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Skill requests highly privileged 'Bash' tool without visible justification.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

85%

Behavioral Risk Signals

Network Access

1 finding

Shell Execution

1 finding

Dynamic Code

1 finding

Excessive Permissions

1 finding

Security Findings1

Severity	Finding	Layer	Location
HIGH	Skill requests highly privileged 'Bash' tool without visible justification The skill's manifest declares the 'Bash' tool, which grants the ability to execute arbitrary shell commands. While the 'context: fork' setting provides some isolation, the 'Bash' permission still represents a significant capability within the skill's execution environment. Without the actual skill implementation code, it is impossible to determine if this broad permission is strictly necessary for the skill's stated functionality or if its usage is adequately constrained to prevent potential command injection, data exfiltration, or other malicious activities. This declaration alone indicates a high-risk permission request. Review the skill's implementation code to ensure the 'Bash' tool is absolutely necessary for its functionality. If so, implement strict input validation and sanitization for any arguments passed to Bash commands to prevent command injection. Consider using more specific or sandboxed tools if possible, or restrict Bash usage to a minimal set of predefined commands. If 'Bash' is not essential, remove this permission from the 'allowed-tools' list in the manifest.	LLM	SKILL.md:1

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/23afc08ff7ec3f99.svg)](https://skillshield.io/report/23afc08ff7ec3f99)