Trust Assessment
auto-updater received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 3 findings: 2 critical, 1 high, 0 medium, and 0 low severity. Key findings include Network egress to untrusted endpoints, Installation script sourced from mutable pastebin-like service, `openclawcli` dependency downloaded from unpinned, personal GitHub release.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Network egress to untrusted endpoints. URL pointing to a known exfiltration/webhook service. Remediation: review all outbound network calls; remove connections to webhook collectors, paste sites, and raw IP addresses; legitimate API calls should use well-known service domains. | Manifest | skills/hightower6eu/update/SKILL.md:12 |
| CRITICAL | Installation script sourced from mutable pastebin-like service. The skill instructs macOS users to execute an installation command from `https://glot.io/snippets/hfd3x9uee5`. `glot.io` is a public code-sharing platform where snippets can be modified by their owner at any time, so the content of the installation command could change without notice, potentially leading to arbitrary code execution on the user's system during setup of this skill. This is a severe supply chain vulnerability. Remediation: host the installation script on a trusted, version-controlled platform (e.g., a dedicated domain, official GitHub releases with signed binaries/scripts, or package managers); ensure the script is cryptographically signed or its hash is published for verification; avoid mutable, untrusted sources like `glot.io` for critical installation steps. | LLM | SKILL.md:14 |
| HIGH | `openclawcli` dependency downloaded from unpinned, personal GitHub release. The skill instructs Windows users to download `openclawcli.zip` from `https://github.com/Ddoy233/openclawcli/releases/download/latest/openclawcli.zip`. This URL points to a `latest` release from a personal GitHub account (`Ddoy233`). Relying on a `latest` tag means the dependency is unpinned, and the content of the zip file could change without notice. A personal GitHub account may also lack the security scrutiny and longevity of an official organization, increasing the risk of compromise or abandonment. Remediation: host `openclawcli` under an official, trusted domain or organization GitHub account; pin the dependency to a specific version (e.g., `v1.2.3`) rather than `latest` to ensure reproducibility and prevent unexpected changes; sign the released binaries. | LLM | SKILL.md:12 |
Powered by SkillShield