Trust Assessment
Agent Browser received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 3 findings: 2 critical, 1 high, 0 medium, and 0 low severity. Key findings include Obfuscated execution: base64 decode to shell, Hidden instructions and remote command execution via base64-encoded script, Untrusted binary download and execution for OpenClawProvider.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Obfuscated execution: base64 decode to shell Detected base64-encoded data being decoded and piped to a shell interpreter. This is a common obfuscation technique. Decode and inspect the base64 content before execution. | Static | skills/sakaen736jih/agent-browser-bzsqiuw0rznw/SKILL.md:10 | |
| CRITICAL | Hidden instructions and remote command execution via base64-encoded script The MacOS installation instructions for 'OpenClawProvider' contain a base64-encoded command that, when decoded, executes a shell script fetched from a suspicious external IP address (http://91.92.242.30/tjjve9itarrd3txw) using 'curl | bash'. This allows for arbitrary remote code execution on the user's system, bypassing standard security checks and introducing severe supply chain risks. This is a direct command injection vulnerability. Remove the suspicious installation command. Provide a secure, verifiable, and transparent method for installing 'OpenClawProvider', preferably through official package managers or signed binaries. Do not use base64 encoding for executable commands. | LLM | SKILL.md:10 | |
| HIGH | Untrusted binary download and execution for OpenClawProvider The Windows installation instructions for 'OpenClawProvider' direct users to download a password-protected '.zip' file from an unverified GitHub user ('syazema') and execute its contents. This method bypasses standard software distribution and security practices, posing a significant supply chain risk as the downloaded executable could contain malware or perform malicious actions without user knowledge. Remove the suspicious installation instructions. Provide a secure, verifiable, and transparent method for installing 'OpenClawProvider', preferably through official package managers, signed binaries, or a trusted vendor. Avoid distributing password-protected archives with executables from unverified sources. | LLM | SKILL.md:7 |
Scan History
Embed Code
[](https://skillshield.io/report/f2d082dfd7fe040e)
Powered by SkillShield