Trust Assessment
backboard received a trust score of 60/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 1 critical, 0 high, 2 medium, and 0 low severity. Key findings include "Unpinned Python dependency version", "Flask Debug Mode Enabled in Deployment Script", and "Broad File Type Acceptance for Document Uploads".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 63/100, indicating areas for improvement.
Last analyzed on February 12, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Description | Layer | Location |
|---|---|---|---|---|
| CRITICAL | Flask Debug Mode Enabled in Deployment Script | The `start.sh` script explicitly sets the `FLASK_ENV` environment variable to `development`. When `FLASK_ENV` is set to `development`, Flask's debug mode is enabled, which includes an interactive debugger. This debugger can allow arbitrary code execution on the server if accessed, making it a severe security vulnerability and unsuitable for production environments. This misconfiguration exposes the backend to remote code execution. Change `FLASK_ENV` to `production` or remove the line entirely if not explicitly needed, ensuring debug mode is disabled. For production deployments, never run Flask with `debug=True` or `FLASK_ENV=development`. | LLM | backend/start.sh:18 |
| MEDIUM | Unpinned Python dependency version | Dependency 'flask>=3.0.0' is not pinned to an exact version. Pin Python dependencies with exact versions where feasible. | Dependencies | skills/chrisk60331/backboard/backend/pyproject.toml |
| MEDIUM | Broad File Type Acceptance for Document Uploads | The `upload_document_to_assistant` and `upload_document_to_thread` endpoints in `documents.py` allow a wide range of file extensions, including potentially executable types like `.py`, `.js`, `.html`, and `.xml`. While the backend itself does not execute these files, it passes them to the `backboard-sdk` for processing. If the `backboard-sdk` has vulnerabilities in parsing or handling specific content within these file types, it could lead to various issues such as denial-of-service, information disclosure, or even remote code execution within the `backboard-sdk`'s context. This broad acceptance increases the attack surface. Restrict `ALLOWED_EXTENSIONS` to only those file types strictly necessary for the skill's functionality. Implement robust content-type validation in addition to extension checks. Ensure the `backboard-sdk` is up-to-date and known to be secure against parsing vulnerabilities for all supported file types. | LLM | backend/api/routes/documents.py:26 |