Trust Assessment
clawaudit received a trust score of 98/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 0 medium, and 1 low severity. Key findings include Skill links to dynamic DNS service for official presence.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| LOW | Skill links to dynamic DNS service for official presence The skill's `SKILL.md` links to `https://clawaudit.duckdns.org` for its official website and logo. Using a dynamic DNS service like `duckdns.org` for an 'official' project, especially a security tool, can raise concerns about trustworthiness, long-term stability, and potential for compromise compared to a dedicated, registered domain. This could be a vector for phishing or serving malicious content if the dynamic DNS entry is compromised or if the service itself is less reliable. Consider using a dedicated, registered domain for the official project website and assets to enhance trustworthiness and security posture, especially for a security-focused tool. | LLM | SKILL.md:7 |
Scan History
Embed Code
[](https://skillshield.io/report/a17e541604e8b67d)
Powered by SkillShield