Trust Assessment
adobe received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. The key findings are Potential Command Injection via `curl` JSON parameters and Potential Data Exfiltration via external `output.href`.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Potential Command Injection via `curl` JSON parameters: The skill documentation provides `curl` command examples that include JSON payloads. If the AI agent constructs these commands by directly interpolating untrusted user input into JSON fields (e.g., `input.href`, `output.href`, `prompt`) without proper sanitization or escaping, an attacker could inject shell commands. Malicious input could break out of the JSON string and execute arbitrary commands on the host system. Implement robust input validation and sanitization for all user-provided parameters before constructing and executing shell commands. Use parameterized command execution where possible, or strictly escape all user input to prevent JSON or shell injection. | LLM | SKILL.md:22 |
| MEDIUM | Potential Data Exfiltration via external `output.href`: The Photoshop API example demonstrates the use of an `output.href` parameter to specify an external location (e.g., an S3 bucket) for storing processed output. If the AI agent allows users to provide arbitrary URLs for this parameter, and if the skill processes sensitive input data (e.g., images containing PII), an attacker could redirect the processed data to an attacker-controlled server, leading to data exfiltration. Restrict the `output.href` parameter to a predefined set of trusted storage locations or enforce strict validation to prevent redirection to arbitrary external servers. If user-defined locations are necessary, ensure they are within a controlled and secure environment. | LLM | SKILL.md:23 |