Trust Assessment
clawdaddy received a trust score of 51/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 4 findings: 0 critical, 3 high, 1 medium, and 0 low severity. Key findings include Hardcoded Bearer Token detected, Insecure Handling of Management Token, Token Recovery Endpoint Abuse Potential.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (4)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Hardcoded Bearer Token detected: A hardcoded Bearer Token was found. Secrets should be stored in environment variables or a secret manager. Replace the hardcoded secret with an environment variable reference. | Static | skills/gregm711/clawdaddy/SKILL.md:215 |
| HIGH | Hardcoded Bearer Token detected: A hardcoded Bearer Token was found. Secrets should be stored in environment variables or a secret manager. Replace the hardcoded secret with an environment variable reference. | Static | skills/gregm711/clawdaddy/SKILL.md:227 |
| HIGH | Insecure Handling of Management Token: The skill explicitly instructs the LLM to "Save the `managementToken` immediately!" after a successful domain purchase. This token is a sensitive bearer credential required for all domain management operations. If the LLM stores this token in its conversational memory, logs, or any other insecure manner, it creates a high risk of data exfiltration. A malicious prompt could then attempt to retrieve this token, granting unauthorized access to domain management. The LLM provider should ensure that sensitive credentials like `managementToken` are stored securely, outside of the conversational context, and are not retrievable by subsequent prompts or exposed in logs. The skill author should consider whether the token needs to be explicitly "saved" by the LLM, or whether it should be passed directly to subsequent tool calls without persistent storage by the LLM itself. | LLM | SKILL.md:171 |
| MEDIUM | Token Recovery Endpoint Abuse Potential: The `POST /api/recover` endpoint allows a new management token to be generated and sent to a user's email or associated with a wallet address. While a legitimate feature, if an attacker can trick the LLM into initiating this recovery process using a user's email or wallet address (e.g., through social engineering via prompt injection), they could potentially gain access to a new management token for a domain they do not own. This relies on the LLM being susceptible to providing user-specific PII (email/wallet) to the skill. The LLM should be designed to strictly control access to user PII (like email or wallet addresses) and require explicit user confirmation before using such data in API calls, especially for sensitive operations like credential recovery. Skill developers should consider adding additional out-of-band verification for token recovery. | LLM | SKILL.md:304 |
Powered by SkillShield