Trust Assessment
agent-contact-card received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Potential Credential/Data Exfiltration via Webhook Authentication.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 12, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Potential Credential/Data Exfiltration via Webhook Authentication: The skill defines an 'agent-card' format that includes a 'webhook' channel with an 'auth' field, explicitly mentioning 'Bearer token in Authorization header'. If an LLM agent processes an untrusted agent card containing a malicious webhook URL and attempts to interact with it, there is a significant risk that the agent could inadvertently send its own operational bearer tokens or sensitive user data to the attacker's server. This mechanism provides a direct path for credential harvesting and data exfiltration if the agent is not designed with strict trust boundaries for external URLs and authentication requirements. LLM agents implementing this skill should be explicitly instructed and engineered to never send their own internal credentials (e.g., API keys, bearer tokens) or sensitive user data to webhook URLs specified in untrusted 'agent-card' documents. Implement strict validation and sanitization of all fields from external sources. Consider sandboxing network requests or using a proxy that filters sensitive headers when interacting with untrusted endpoints. The skill documentation could also add a warning about the security implications of the 'auth' field when processing untrusted cards. | LLM | SKILL.md:62 |