Trust Assessment
cctv-news-fetcher received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 1 critical, 0 high, 1 medium, and 0 low severity. Key findings include "Unpinned npm dependency version", "Prompt Injection leading to Command Injection via unsanitized user input", and "Hardcoded Cookie in HTTP Requests".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | **Prompt Injection leading to Command Injection via unsanitized user input.** The skill's instructions in SKILL.md explicitly direct the host LLM to execute a shell command (`bun {baseDir}/scripts/news_crawler.js <YYYYMMDD>`). The `<YYYYMMDD>` parameter is derived from user input. If the LLM directly interpolates unsanitized user input into this command, a malicious user could inject arbitrary shell commands (e.g., `20250210; rm -rf /`). This constitutes a critical command injection vulnerability enabled by a prompt injection. The host LLM must sanitize or validate user input (`YYYYMMDD`) before constructing and executing the shell command, and only allow strictly formatted dates. Alternatively, use a safer execution mechanism that does not involve direct shell command construction with user input, or pass the date as an argument to a dedicated function that handles validation internally. | LLM | SKILL.md:16 |
| MEDIUM | **Unpinned npm dependency version.** Dependency `node-html-parser` is not pinned to an exact version (`^7.0.2`). Pin dependencies to exact versions to reduce drift and supply-chain risk. | Dependencies | skills/yuhangch/cctv-news-fetcher/package.json |
| INFO | **Hardcoded Cookie in HTTP Requests.** The `scripts/news_crawler.js` file includes a hardcoded cookie (`cna=DLYSGBDthG4CAbRVCNxSxGT6`) in the headers of all outgoing HTTP requests. While this specific cookie appears to be a benign tracking cookie for CCTV, hardcoding cookies in skill code is a security hygiene issue: if this cookie were to become sensitive, or if the target domain were compromised, it could pose a minor risk. Review whether sending this specific cookie is necessary. If it is not strictly required for functionality, remove it; if it is required, consider whether it should be dynamically generated or managed more securely, although for a public tracking cookie this is less critical. | LLM | scripts/news_crawler.js:17 |
Full report: https://skillshield.io/report/fa8f5ca7a655bfde
Powered by SkillShield