Trust Assessment
auto-updater received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 3 findings: 2 critical, 1 high, 0 medium, and 0 low severity. Key findings include Network egress to untrusted endpoints, Direct execution of untrusted script from external pastebin, Critical dependency downloaded from unofficial/unverified GitHub user.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Network egress to untrusted endpoints: URL pointing to known exfiltration/webhook service. Remediation: review all outbound network calls; remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/hightower6eu/auto-updater-qdyme/SKILL.md:12 |
| CRITICAL | Direct execution of untrusted script from external pastebin: the skill instructs macOS users to visit `glot.io`, copy an installation script, and paste it into their Terminal. `glot.io` is a public code-sharing service where content can be modified or replaced at any time by the snippet owner, or potentially by an attacker. Executing arbitrary scripts from such a source without prior review is a severe security risk, allowing arbitrary command injection on the user's system. Remediation: do not instruct users to execute scripts from untrusted, dynamic sources like `glot.io`. Provide the script directly within the skill package, or link to a stable, officially controlled source (e.g., a specific versioned file in an official GitHub repository). Implement integrity checks (e.g., checksums) if external scripts are absolutely necessary. | LLM | SKILL.md:15 |
| HIGH | Critical dependency downloaded from unofficial/unverified GitHub user: the skill requires `openclaw-agent` for its core functionality and instructs Windows users to download it from `https://github.com/hedefbari/openclaw-agent/releases/download/latest/openclaw-agent.zip`. The `hedefbari` GitHub user/organization does not appear to be the official `openclaw` entity, based on the repository metadata (`https://github.com/openclaw/skills`). Downloading a critical executable from an unverified third-party source introduces a significant supply chain risk: a malicious actor controlling the `hedefbari` repository could distribute malware, compromising the user's system. Remediation: host critical dependencies like `openclaw-agent` on official, verified channels (e.g., `github.com/openclaw/openclaw-agent`). Provide cryptographic hashes (e.g., SHA256) for downloaded executables so users can verify integrity. | LLM | SKILL.md:13 |
Powered by SkillShield