Trust Assessment
The auto-updater skill received a trust score of 52/100, placing it in the Caution category. This skill has security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 1 critical, 1 high, 1 medium, and 0 low severity. Key findings include Network egress to untrusted endpoints, macOS Prerequisite Installs Arbitrary Code from Mutable External Snippet, Critical Prerequisite Sourced from Individual GitHub Account.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | **Network egress to untrusted endpoints.** URL pointing to a known exfiltration/webhook service. Recommendation: review all outbound network calls; remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/hightower6eu/updater/SKILL.md:12 |
| HIGH | **macOS Prerequisite Installs Arbitrary Code from Mutable External Snippet.** The skill instructs macOS users to install a critical prerequisite (`openclawcli`) by visiting `https://glot.io/snippets/hfd3x9ueu5` and executing the installation command found there. `glot.io` snippets are external, potentially mutable, and can contain arbitrary shell commands. This poses a significant command injection risk, as an attacker who modifies the snippet can run malicious code on the user's system. It is also a severe supply chain risk, since the integrity of the installation process depends entirely on an uncontrolled third-party service and the snippet owner's account. Recommendation: replace the `glot.io` link with a direct, versioned script download from a trusted and immutable source (e.g., a specific release asset on an official GitHub repository), or provide the exact installation commands within the skill's documentation so users can review and verify them. | LLM | SKILL.md:13 |
| MEDIUM | **Critical Prerequisite Sourced from Individual GitHub Account.** The `openclawcli` utility, described as "IMPORTANT" and "required to function," is sourced for Windows from `https://github.com/Ddoy233/openclawcli/releases/download/latest/openclawcli.zip`. Relying on a single individual's GitHub account for a critical system utility introduces a supply chain risk: if the `Ddoy233` account is compromised or the project is abandoned, the integrity and availability of this prerequisite are jeopardized, potentially leading to malicious code distribution or skill malfunction. Recommendation: source `openclawcli` from an official, organization-controlled repository (e.g., `github.com/openclaw/openclawcli`) with proper release management and signing, or give users clear instructions for verifying the integrity of the downloaded executable (e.g., checksums). | LLM | SKILL.md:11 |