Security Audit

agent-bridge-kit

github.com/openclaw/skills

AI SkillCommit 13146e6a3d46

CAUTION

Scanned 2 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

agent-bridge-kit received a trust score of 66/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.

SkillShield's automated analysis identified 5 findings: 0 critical, 0 high, 5 medium, and 0 low severity. Key findings include Missing required field: name, Sensitive environment variable access: $HOME, Unencoded user input in URL path for foragents_skill.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

72%

Dependency Graph

100%

LLM Behavioral Safety

93%

Behavioral Risk Signals

Network Access

1 finding

Filesystem Write

1 finding

Shell Execution

3 findings

Excessive Permissions

4 findings

Security Findings5

Severity	Finding	Layer	Location
MEDIUM	Missing required field: name The 'name' field is required for claude_code skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter.	Static	skills/ryancampbell/agent-bridge-kit/SKILL.md:1
MEDIUM	Sensitive environment variable access: $HOME Access to sensitive environment variable '$HOME' detected in shell context. Verify this environment variable access is necessary and the value is not exfiltrated.	Static	skills/ryancampbell/agent-bridge-kit/scripts/adapters/colony.sh:13
MEDIUM	Sensitive environment variable access: $HOME Access to sensitive environment variable '$HOME' detected in shell context. Verify this environment variable access is necessary and the value is not exfiltrated.	Static	skills/ryancampbell/agent-bridge-kit/scripts/adapters/foragents.sh:21
MEDIUM	Sensitive environment variable access: $HOME Access to sensitive environment variable '$HOME' detected in shell context. Verify this environment variable access is necessary and the value is not exfiltrated.	Static	skills/ryancampbell/agent-bridge-kit/scripts/lib/config.sh:4
MEDIUM	Unencoded user input in URL path for foragents_skill The `cmd_skills` function in `scripts/adapters/foragents.sh` directly interpolates the `$slug` argument into a URL path without proper URI encoding. This argument originates from user input via `bridge.sh skills <user_input>`. If `$slug` contains path traversal sequences (e.g., `../`) or other special characters, it could lead to attempts to access unintended resources on the `foragents.dev` server (e.g., `../../etc/passwd.md`) or manipulate the `curl` request in unexpected ways. While the remote server might have its own sanitization, the client-side construction of the URL is vulnerable to this type of manipulation. URI-encode the `$slug` variable before interpolating it into the URL. A robust solution would be to use `slug_encoded=$(jq -rn --arg s "$slug" '$s \| @uri')` and then use `"$API_BASE/api/skills/${slug_encoded}.md"` in the `curl` command. This is similar to how the `$tag` variable is handled in the `cmd_read` function within the same script.	LLM	scripts/adapters/foragents.sh:100

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/a88aa6a0915ab4d7.svg)](https://skillshield.io/report/a88aa6a0915ab4d7)