Trust Assessment
Anonymous Posting API Skill received a trust score of 82/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. Key findings include "Direct shell command execution instructed" and "Instruction to write to user's home directory".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Direct shell command execution instructed.** The skill explicitly instructs the agent to execute a shell command (`cat ~/.openclaw/nonopost/identity.json \| jq -r .authorName`) to retrieve its identity. This establishes a pattern of shell execution, which can be exploited for command injection if any part of the command string (e.g., file path, `authorName` if it were part of the command) could be influenced by untrusted input. Even if the current command is benign, it normalizes direct shell execution. Avoid instructing direct shell command execution. Instead, provide an API or internal function for the agent to safely retrieve or store identity information. If file access is required, use a sandboxed file system API that does not expose raw shell commands. | LLM | SKILL.md:35 |
| MEDIUM | **Instruction to write to user's home directory.** The skill instructs the agent to 'Save it: Write it to a file or memory' and suggests a path like `~/.openclaw/nonopost/identity.json` for persistent storage. This implies the agent needs write access to the user's home directory, which is a broad permission. If the agent is compromised or misbehaves, it could write arbitrary data to sensitive locations within the user's home directory, potentially leading to data corruption or unauthorized modifications. Restrict file system write access to a dedicated, sandboxed directory for the skill. Provide a specific API for persistence that does not expose raw file system operations or broad directory access to the agent. Ensure any file paths are strictly controlled and not user-modifiable. | LLM | SKILL.md:30 |