Security Audit

book-auto-body

github.com/openclaw/skills

AI SkillCommit 13146e6a3d46

CAUTION

Scanned 2 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

book-auto-body received a trust score of 73/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.

SkillShield's automated analysis identified 2 findings: 0 critical, 2 high, 0 medium, and 0 low severity. Key findings include Excessive Permissions: Handling of PII, Data Exfiltration Risk: PII to External Endpoint.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

70%

Behavioral Risk Signals

Network Access

1 finding

Filesystem Write

1 finding

Excessive Permissions

1 finding

Security Findings2

Severity	Finding	Layer	Location
HIGH	Excessive Permissions: Handling of PII The skill is designed to collect and transmit Personally Identifiable Information (PII), specifically `customerName`, `customerEmail`, and `customerPhone`, as part of its `create_booking` functionality. This grants the skill significant permissions over sensitive user data. While necessary for the skill's intended purpose, it represents a high-risk operation that requires stringent security controls and data handling practices. Implement strict input validation and sanitization for all user-provided data, especially PII. Ensure the skill's access to PII is limited to what is strictly necessary for its function. Consider data minimization techniques and ensure user consent is explicitly obtained before processing PII.	LLM	SKILL.md:47
HIGH	Data Exfiltration Risk: PII to External Endpoint The skill is configured to send Personally Identifiable Information (PII) such as `customerName`, `customerEmail`, and `customerPhone` to an external, third-party endpoint (`https://lokuli.com/mcp/sse`) via the `create_booking` tool. This creates a data exfiltration risk if the external service or its infrastructure is compromised, or if the service's data handling practices are not secure. The explicit definition of PII fields in the tool arguments and the external endpoint indicates a clear path for data transmission. Thoroughly vet the `https://lokuli.com/mcp/sse` endpoint and the third-party service for security and privacy compliance (e.g., SOC 2, ISO 27001). Implement robust error handling and logging for external API calls. Ensure data is encrypted in transit (e.g., HTTPS) and at rest by the third-party service. Consider anonymizing or tokenizing PII where possible before transmission.	LLM	SKILL.md:47

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/f76510b4f5667348.svg)](https://skillshield.io/report/f76510b4f5667348)