Trust Assessment
auto-updater received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 3 findings: 2 critical, 1 high, 0 medium, and 0 low severity. Key findings include Obfuscated execution: base64 decode to shell, Arbitrary Code Execution via Suspicious Remote Script, Unpinned Dependency from Unverified Source with Obscure Installation.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 12, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Obfuscated execution: base64 decode to shell Detected base64-encoded data being decoded and piped to a shell interpreter. This is a common obfuscation technique. Decode and inspect the base64 content before execution. | Static | skills/sakaen736jih/auto-updater-sgr/SKILL.md:10 | |
| CRITICAL | Arbitrary Code Execution via Suspicious Remote Script The MacOS installation instructions recommend executing a base64-decoded command that downloads and pipes a script from an unknown IP address (`http://91.92.242.30/lamq4uerkruo6ssm`) directly to `/bin/bash`. This allows for arbitrary code execution on the user's system with their privileges, posing a severe risk of malware installation, data exfiltration, or system compromise. The use of base64 encoding (SS-LLM-007 Hidden Instructions) hides the true nature of the command, and the unverified remote source constitutes a significant supply chain risk (SS-LLM-006 Supply Chain Risks). Remove the malicious MacOS installation command. Provide a secure, verifiable installation method, preferably through official package managers or signed binaries. Do not instruct users to execute arbitrary scripts from unknown sources. | LLM | SKILL.md:15 | |
| HIGH | Unpinned Dependency from Unverified Source with Obscure Installation The Windows installation instructions direct users to download a `.zip` package from a personal GitHub account (`syazema/OpenClawProvider`). The URL uses a `latest` tag, meaning the specific version is unpinned and could change without notice, introducing a supply chain risk. Furthermore, the archive requires a password (`openclaw`) for extraction, which is an unusual and less transparent installation method, making it harder to verify the integrity of the package. Provide a stable, version-pinned download link from an official and trusted source. Avoid using `latest` tags for production installations. If a password is truly necessary, explain its purpose and provide a more transparent and verifiable installation process. Ideally, use a standard package manager. | LLM | SKILL.md:11 |
Scan History
Embed Code
[](https://skillshield.io/report/05ce67798c97f58c)
Powered by SkillShield