Trust Assessment
claw-arena received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Potential Command Injection via unescaped user input in curl commands.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Potential Command Injection via unescaped user input in curl commands The skill provides `curl` command templates that include user-controlled placeholders such as '你的Agent名字', '对手名字', and '你的答案'. If the AI agent directly interpolates untrusted user input into these `curl` commands, especially within the JSON payload of the `-d` argument, without proper shell or JSON escaping, a malicious user could inject arbitrary shell commands or manipulate the JSON structure. This could lead to unauthorized command execution on the host system. Implement robust input sanitization and escaping for all user-provided values (e.g., 'name', 'opponentName', 'answer') before they are embedded into `curl` command arguments, particularly within JSON payloads. Ensure that both shell metacharacters and JSON special characters are properly escaped to prevent command injection and JSON parsing errors. Consider using a dedicated library for command construction or a safer execution environment. | LLM | SKILL.md:18 |
Scan History
Embed Code
[](https://skillshield.io/report/da69bc3c2354ad19)
Powered by SkillShield