Trust Assessment
clawdbot-documentation-expert received a trust score of 37/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 6 findings: 1 critical, 1 high, 4 medium, and 0 low severity. Key findings include "Missing required field: name", "Sensitive environment variable access: $HOME", and "Command Injection via user-controlled 'days' argument in recent.sh".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (6)
| Severity | Finding | Description | Recommendation | Layer | Location |
|---|---|---|---|---|---|
| CRITICAL | Command Injection via user-controlled 'days' argument in recent.sh | The `scripts/recent.sh` script constructs a `date` command using the user-provided `$days` argument without proper sanitization or quoting. Specifically, the macOS-compatible `date -v-${days}d` command is vulnerable. An attacker can inject shell metacharacters (e.g., `;`, `&&`, `||`) into the `$days` argument, leading to arbitrary command execution on the host system when the script is run on macOS. For example, providing `7; malicious_command` as the `$days` argument would execute `malicious_command`. | Sanitize the `$days` input to ensure it contains only digits before using it in the `date` command. For example, use parameter expansion like `days=${days//[^0-9]/}` to remove non-numeric characters, or validate it with a regex. This prevents shell metacharacters from being interpreted as commands. | LLM | scripts/recent.sh:10 |
| HIGH | Unpinned dependency for 'qmd' in build-index.sh creates supply chain risk | The `scripts/build-index.sh` script relies on the external `qmd` tool for its full-text indexing functionality. The script explicitly suggests installing `qmd` using `cargo install qmd` but does not specify a version. This unpinned dependency introduces a supply chain risk, as a malicious or vulnerable version of `qmd` published to crates.io could be installed, compromising the system or the skill's integrity. Future versions of `qmd` could also introduce breaking changes. | Specify a pinned version for `qmd` when suggesting installation (e.g., `cargo install qmd --version X.Y.Z`). Ideally, include `qmd` as a managed dependency within the skill's environment or provide a checksum for verification to ensure the integrity of the installed tool. | LLM | scripts/build-index.sh:40 |
| MEDIUM | Missing required field: name | The 'name' field is required for claude_code skills but is missing from frontmatter. | Add a 'name' field to the SKILL.md frontmatter. | Static | skills/janhcla/clawdbot-documentation-expert/SKILL.md:1 |
| MEDIUM | Sensitive environment variable access: $HOME | Access to sensitive environment variable '$HOME' detected in shell context. | Verify this environment variable access is necessary and the value is not exfiltrated. | Static | skills/janhcla/clawdbot-documentation-expert/scripts/build-index.sh:6 |
| MEDIUM | Sensitive environment variable access: $HOME | Access to sensitive environment variable '$HOME' detected in shell context. | Verify this environment variable access is necessary and the value is not exfiltrated. | Static | skills/janhcla/clawdbot-documentation-expert/scripts/cache.sh:5 |
| MEDIUM | Sensitive environment variable access: $HOME | Access to sensitive environment variable '$HOME' detected in shell context. | Verify this environment variable access is necessary and the value is not exfiltrated. | Static | skills/janhcla/clawdbot-documentation-expert/scripts/track-changes.sh:6 |
Full report: https://skillshield.io/report/631fd842a76b2f32
Powered by SkillShield