Trust Assessment
agent-ui received a trust score of 95/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 2 findings: 0 critical, 0 high, 0 medium, and 2 low severity. Key findings include unpinned CLI dependency installation and unpinned package dependency installation.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| LOW | Unpinned CLI dependency installation: The skill instructs users to install the `shadcn` CLI using `npx shadcn@latest`. Using `@latest` means the version is unpinned, which can lead to unexpected breaking changes or security vulnerabilities if a malicious or buggy version is published to the registry. It's generally safer to pin to a specific major or minor version. Recommend pinning the `shadcn` CLI version, e.g., `npx shadcn@1.0.0 add ...` or `npx shadcn@^1 add ...` if a specific version is known to be stable and secure. | LLM | SKILL.md:10 |
| LOW | Unpinned package dependency installation: The skill instructs users to install `@inferencesh/sdk` without specifying a version (`npm install @inferencesh/sdk`). This will default to installing the `latest` version, which is unpinned. This can introduce supply chain risks, as future `latest` versions might contain breaking changes, new vulnerabilities, or even malicious code if the package maintainer's account is compromised. It's best practice to pin dependencies to a specific version or a range (e.g., `^1.0.0`). Recommend pinning the `@inferencesh/sdk` package version, e.g., `npm install @inferencesh/sdk@1.2.3` or `npm install @inferencesh/sdk@^1.0.0`. | LLM | SKILL.md:13 |