Trust Assessment
bioskills received a trust score of 58/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 1 critical, 1 high, 1 medium, and 0 low severity. Key findings include Sensitive environment variable access: $HOME, Remote script execution from unpinned source, Unpinned remote Git repository dependency.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Remote script execution from unpinned source: `install-bioskills.sh` clones a remote Git repository (`https://github.com/GPTomics/bioSkills.git`) and then executes `install-openclaw.sh` from inside the clone. This is arbitrary code execution from an external, unverified source: anyone who gains control of the remote repository can add commands to `install-openclaw.sh` that will run on the user's system at install time. Remediation: pin the repository to a specific commit hash; review `install-openclaw.sh` at that commit before trusting it; prefer bundling the needed scripts inside the skill package over fetching and executing them remotely. | LLM | scripts/install-bioskills.sh:98 |
| HIGH | Unpinned remote Git repository dependency: `install-bioskills.sh` clones the `main` branch of `https://github.com/GPTomics/bioSkills.git` with no commit hash or tag pinning the dependency. Any change pushed to `main` reaches users on their next install without their knowledge, which is a supply-chain risk. Remediation: pin `REPO_URL` to a specific commit hash (a tag is a weaker pin, since tags can be moved or deleted on the remote) and add integrity checks, such as a recorded checksum, for the fetched content. | LLM | scripts/install-bioskills.sh:89 |
| MEDIUM | Sensitive environment variable access: `$HOME`. Access to the `$HOME` environment variable was detected in a shell context. Verify that the access is necessary and that the value is not sent anywhere off the machine. | Static | skills/djemec/bioskills/scripts/install-bioskills.sh:15 |
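The CRITICAL and HIGH findings both come down to the same fetch-and-execute step: clone a branch, run a script from the clone. The script below is an added example, not code from the bioskills skill or from SkillShield, showing that step rewritten so nothing executes unless the checkout is a full commit SHA that matches what was requested and the install script matches a digest recorded at review time. `PINNED_COMMIT` and `EXPECTED_SHA256` are placeholder values, the location of `install-openclaw.sh` at the repository root is assumed from the findings, and `--run` is a flag invented for this example so that sourcing the file only defines the functions.

```shell
#!/bin/sh
# Added example (not code from bioskills or SkillShield): the clone-then-run step
# from the findings, gated on a full commit SHA and a reviewed script digest.
# PINNED_COMMIT and EXPECTED_SHA256 are placeholders; replace them with the SHA
# you reviewed and the digest of install-openclaw.sh at that SHA.
set -eu

REPO_URL="https://github.com/GPTomics/bioSkills.git"
INSTALL_SCRIPT="install-openclaw.sh"   # assumed to live at the repository root
PINNED_COMMIT="0000000000000000000000000000000000000000"                          # placeholder
EXPECTED_SHA256="0000000000000000000000000000000000000000000000000000000000000000"  # placeholder

# Only a full 40-character lowercase hex commit SHA (as git prints it) is immutable.
# "main", "v1.2" or an abbreviated SHA can be re-pointed by whoever controls the remote.
is_full_commit_sha() {
  [ "${#1}" -eq 40 ] || return 1
  case "$1" in
    *[!0-9a-f]*) return 1 ;;
  esac
  return 0
}

# Print the SHA-256 of a file (coreutils sha256sum, falling back to shasum on macOS).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# $1 = file, $2 = expected hex digest. Succeeds only on an exact match.
verify_script_checksum() {
  actual=$(sha256_of "$1")
  [ "$actual" = "$2" ]
}

# Clone, pin, verify, and only then execute.
# $1 = repo URL, $2 = full commit SHA, $3 = script path inside the repo,
# $4 = expected SHA-256 of that script, $5 = destination directory.
fetch_and_run_pinned() {
  repo_url=$1; commit=$2; script=$3; expected=$4; dest=$5

  is_full_commit_sha "$commit" || {
    echo "refusing: '$commit' is not a full commit SHA" >&2; return 1; }

  git clone --quiet "$repo_url" "$dest"
  git -C "$dest" checkout --quiet --detach "$commit"

  # Compare what was actually checked out with what was requested.
  head=$(git -C "$dest" rev-parse HEAD)
  [ "$head" = "$commit" ] || {
    echo "refusing: HEAD is $head, expected $commit" >&2; return 1; }

  verify_script_checksum "$dest/$script" "$expected" || {
    echo "refusing: $script does not match the reviewed digest" >&2; return 1; }

  # Interpreter assumed; the original installer's choice is not shown on the page.
  bash "$dest/$script"
}

# The network fetch runs only with --run; sourcing the file just defines the functions.
if [ "${1:-}" = "--run" ]; then
  fetch_and_run_pinned "$REPO_URL" "$PINNED_COMMIT" "$INSTALL_SCRIPT" "$EXPECTED_SHA256" "${2:-./bioSkills}"
fi
```

To fill in the placeholders, check out the revision you reviewed, record `git rev-parse HEAD` as `PINNED_COMMIT`, and record `sha256sum install-openclaw.sh` as `EXPECTED_SHA256`. The digest check is what makes the pin meaningful: a commit SHA alone proves which tree you fetched, while the digest proves that the file about to run is the one a human actually read.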
Full report: https://skillshield.io/report/fe64b9b2c4628134
Powered by SkillShield