Trust Assessment
aliyun-oss received a trust score of 83/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 4 findings: 0 critical, 0 high, 2 medium, and 2 low severity. Key findings include "Node lockfile missing", "Unpinned Python dependencies", and "Hardcoded privileged configuration path and lack of STS".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (4)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| MEDIUM | Unpinned Python dependencies. The skill's Python dependencies (`oss2`, `requests`) are mentioned in `SKILL.md` but are not explicitly pinned to specific versions in a `requirements.txt` or `pyproject.toml` file. This can lead to unexpected behavior, compatibility issues, or the introduction of vulnerabilities if a dependency updates with breaking changes or malicious code. Recommendation: create a `requirements.txt` file with exact version pins for all Python dependencies (e.g., `oss2==X.Y.Z`, `requests==A.B.C`), and ensure this file is used during installation. | LLM | SKILL.md:89 |
| MEDIUM | Hardcoded privileged configuration path and lack of STS. The skill hardcodes the configuration file path to `/root/.openclaw/aliyun-oss-config.json`. This implies the skill expects to run with root privileges or in an environment where `/root` is the home directory, which is generally not a best practice for non-system services. Additionally, the skill relies on long-lived AccessKey/SecretKey (AK/SK) for authentication, as indicated by `sts_manager.py` explicitly stating "仅支持AK/SK直接认证" (Only supports AK/SK direct authentication). While `SKILL.md` recommends RAM users and key rotation, using temporary Security Token Service (STS) credentials with minimal permissions is a more secure practice that limits the blast radius in case of credential compromise. The `security_validator.py` module attempts to check for STS but is not integrated into the main workflow. Recommendations: (1) make the configuration file path configurable (e.g., via an environment variable or `Path.home()`) to avoid hardcoding a privileged path; (2) implement support for Alibaba Cloud STS to obtain temporary, short-lived, fine-grained access credentials instead of relying solely on long-lived AK/SK; (3) integrate the STS check from `security_validator.py` into the authentication flow and enforce its use. | LLM | aliyun_oss_uploader.py:20 |
| LOW | Node lockfile missing. `package.json` is present but no lockfile was found (`package-lock.json`, `pnpm-lock.yaml`, or `yarn.lock`). Recommendation: commit a lockfile for deterministic dependency resolution. | Dependencies | skills/jixsonwang/aliyun-oss/package.json |
| LOW | Unused security validation logic. The `security_validator.py` module contains functions for validating file extensions (`validate_file_extension`) and OSS permissions (`validate_oss_permissions`), but these functions are not called or integrated into the main `AliyunOSSUploader` workflow. While `AliyunOSSUploader` performs file size validation, the absence of extension validation means potentially malicious or unintended file types could be uploaded. The `validate_oss_permissions` function, though currently a placeholder, represents a missed opportunity for enforcing security best practices. Recommendations: integrate the `validate_file_extension` method from `security_validator.py` into `AliyunOSSUploader`'s upload process, and enhance and integrate `validate_oss_permissions` to actively check and enforce the minimal permissions required for the provided credentials. | LLM | security_validator.py:40 |
Report: https://skillshield.io/report/f9b12aa3df56f8ff
Powered by SkillShield