Trust Assessment
arb-injection received a trust score of 73/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 2 findings (0 critical, 2 high, 0 medium, 0 low): Unpinned Git Repository Update and Unpinned NPM Dependency Installation. Both stem from the same scheduled maintenance step, so they share one root cause: the skill updates itself from moving targets rather than from pinned, verifiable versions.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Unpinned Git Repository Update: The skill is configured to run 'git pull origin main' daily as part of its scheduled maintenance. Its code is therefore replaced with whatever the 'main' branch of the remote currently points to, with no version pinning and no integrity check. If the 'BringYourOwnBot/arb-injection' repository or its 'main' branch is compromised, malicious code is pulled into the agent's environment and executed on the next scheduled run, a direct supply chain attack. Pin updates to a specific tag or commit hash, verify the fetched code cryptographically (for example, signed commits or tags), and consider a trusted registry or mirror for critical dependencies. | LLM | SKILL.md:79 |
| HIGH | Unpinned NPM Dependency Installation: The same daily maintenance step runs 'npm install'. If no 'package-lock.json' is committed, or it is out of sync with 'package.json', 'npm install' resolves version ranges afresh and can fetch new or updated versions of dependencies, exposing the skill to a compromised upstream package or a newly introduced malicious one. 'npm ci' installs exactly the versions recorded in the committed lockfile and refuses to run when the lockfile and 'package.json' disagree. Commit 'package-lock.json', use 'npm ci' instead of 'npm install' for automated updates so dependency resolution is deterministic, and audit dependencies regularly for known vulnerabilities. | LLM | SKILL.md:79 |
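The two findings are variants of one check: does a scheduled update command name a moving target (a branch, an unlocked dependency set) or an immutable one? The following Python is an added example of that check written as a small linter over maintenance commands, together with a helper that emits the pinned replacement the findings recommend. It is not SkillShield's scanner and not code from the arb-injection skill; the SKILL.md text it scans is constructed for the example (only the two commands 'git pull origin main' and 'npm install' come from the report), and the suggested replacement assumes the upstream commits are GPG-signed so that 'git verify-commit' can check them.

```python
"""Lint a skill's scheduled-maintenance commands for unpinned update steps.

Added example, not SkillShield's scanner and not code from the
arb-injection skill.  SAMPLE_SKILL_MD below is constructed for the
example; only the two cited commands come from the report.
"""
import re
import shlex

SAMPLE_SKILL_MD = """\
## Maintenance

Run the following every day:

    git pull origin main
    npm install
"""

FULL_SHA = re.compile(r"^[0-9a-f]{40}$")
GIT_FINDING = "Unpinned Git Repository Update"
NPM_FINDING = "Unpinned NPM Dependency Installation"
# simple shell-chain splitter: `a && b`, `a || b`, `a; b`
CHAIN = re.compile(r"\s*(?:&&|\|\||;)\s*")


def lint_command(cmd: str) -> list[str]:
    """Return the finding titles that apply to one git/npm command."""
    try:
        argv = shlex.split(cmd)
    except ValueError:          # unbalanced quotes: nothing to lint
        return []
    if len(argv) < 2:
        return []
    tool, sub, rest = argv[0], argv[1], argv[2:]
    targets = [a for a in rest if not a.startswith("-")]
    findings: list[str] = []
    if tool == "git":
        if sub == "pull":
            # pull merges whatever the remote branch tip is at run time
            findings.append(GIT_FINDING)
        elif sub in ("checkout", "switch", "reset") and targets \
                and not any(FULL_SHA.match(t) for t in targets):
            # branch or tag name, not an immutable commit.  A signed tag
            # checked with `git verify-tag` would also be acceptable; this
            # conservative check only accepts full commit hashes.
            findings.append(GIT_FINDING)
    elif tool == "npm" and sub in ("install", "i", "add"):
        # `npm install` re-resolves ranges; `npm ci` installs the lockfile
        findings.append(NPM_FINDING)
    return findings


def lint_skill_md(text: str) -> list[tuple[int, str, str]]:
    """Scan every git/npm command line; return (line_no, command, finding)."""
    results = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        for part in CHAIN.split(raw.strip().lstrip("$ ").strip()):
            if not part.startswith(("git ", "npm ")):
                continue
            for finding in lint_command(part):
                results.append((line_no, part, finding))
    return results


def pinned_replacement(cmd: str, commit: str) -> str:
    """Pinned equivalent of an unpinned update command.

    `commit` is the full SHA an operator has reviewed.  Assumes the
    repository signs its commits (assumption) so verify-commit is
    meaningful; `git checkout --detach` then moves the tree to exactly
    that commit regardless of what `main` points to.
    """
    if not FULL_SHA.match(commit):
        raise ValueError("commit must be a full 40-hex SHA")
    findings = lint_command(cmd)
    if GIT_FINDING in findings:
        return (f"git fetch origin && git verify-commit {commit} "
                f"&& git checkout --detach {commit}")
    if NPM_FINDING in findings:
        return "npm ci"
    return cmd


if __name__ == "__main__":
    for line_no, cmd, finding in lint_skill_md(SAMPLE_SKILL_MD):
        print(f"SKILL.md:{line_no}: {finding}: {cmd!r}")
```

Running the linter over the constructed sample reports both findings at the lines carrying the two commands, mirroring how the report attributes both to a single location.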
Report: https://skillshield.io/report/d2ecac5f02650b0e