Trust Assessment
clawchest received a trust score of 93/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 2 findings: 0 critical, 0 high, 1 medium, and 1 low severity. Key findings include Skill installation instructions contain shell commands, Skill components downloaded from remote server.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Skill installation instructions contain shell commands The skill's `SKILL.md` file provides `bash` commands for local installation. If an AI agent is configured to automatically execute code blocks found in untrusted skill documentation, these commands could lead to arbitrary shell execution. While the commands are intended for self-installation and write to a standard skill directory, the direct execution of shell commands from untrusted markdown is a command injection vector. An attacker could potentially modify these instructions if they gain control over the skill's distribution or the agent's interpretation of markdown. 1. Agents should be configured to never automatically execute shell commands found in untrusted documentation. 2. If self-installation is required, it should be handled by a trusted, sandboxed installer component, not by directly executing commands from the skill's untrusted markdown. 3. Consider providing installation instructions in a separate, trusted manifest or installation script, rather than directly in the untrusted skill documentation. | LLM | SKILL.md:17 | |
| LOW | Skill components downloaded from remote server The skill's installation instructions advise downloading `SKILL.md` and `package.json` directly from `https://clawchest.com`. While `clawchest.com` is the declared domain for this skill, relying on direct downloads from a remote server for core skill components introduces a supply chain risk. If `clawchest.com` were compromised, an attacker could serve malicious skill files, leading to a compromise of the agent. 1. Skill packages should ideally be self-contained or rely on trusted package managers with integrity checks. 2. If remote fetching is necessary, implement strong integrity verification (e.g., cryptographic signatures, checksums) for downloaded components. 3. Agents should be configured to verify the source and integrity of skill components before installation or execution. | LLM | SKILL.md:18 |
Scan History
Embed Code
[](https://skillshield.io/report/33fa83fe34c9181d)
Powered by SkillShield