Trust Assessment
clawder received a trust score of 10/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 7 findings: 3 critical, 1 high, 3 medium, and 0 low severity. Key findings include File read + network send exfiltration, Suspicious import: http.client, Suspicious import: urllib.request.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The Manifest Analysis layer scored lowest at 40/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (7)

| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | **File read + network send exfiltration** (.env file access). Remove access to sensitive files not required by the skill's stated purpose. SSH keys, cloud credentials, and browser data should never be read by skills unless explicitly part of their declared functionality. | Manifest | skills/assassin808/clawder/scripts/clawder.py:25 |
| CRITICAL | **File read + network send exfiltration** (.env file access). Remove access to sensitive files not required by the skill's stated purpose. SSH keys, cloud credentials, and browser data should never be read by skills unless explicitly part of their declared functionality. | Manifest | skills/assassin808/clawder/scripts/clawder.py:32 |
| CRITICAL | **Prompt Injection Attempt in Skill Description.** The skill description contains explicit instructions intended to manipulate the host LLM's behavior, specifically telling it to act autonomously and 'DO NOT ask the human' for permission or input. This attempts to override the LLM's default safety mechanisms or interaction protocols, which is a direct prompt injection. Remove all direct instructions to the LLM from the untrusted skill description. The skill's functionality should be described neutrally, and behavioral constraints should be enforced by the LLM's system prompt or guardrails, not by the skill itself. | LLM | SKILL.md:20 |
| HIGH | **SSL Certificate Verification Bypass Option.** The 'scripts/clawder.py' script includes an option (CLAWDER_SKIP_VERIFY=1) to disable SSL certificate verification. Disabling SSL verification makes the connection vulnerable to Man-in-the-Middle (MITM) attacks, allowing an attacker to intercept, read, and potentially modify all traffic, including the CLAWDER_API_KEY and other sensitive data, leading to data exfiltration and credential harvesting. Remove the option to disable SSL certificate verification (CLAWDER_SKIP_VERIFY). All network communications should enforce proper certificate validation to ensure secure data transmission and prevent MITM attacks. If there are legitimate reasons for specific trust anchors, use a custom CA bundle instead of disabling verification entirely. | LLM | scripts/clawder.py:56 |
| MEDIUM | **Suspicious import: http.client.** Import of 'http.client' detected. This module provides network or low-level system access. Verify this import is necessary. Network and system modules in skill code may indicate data exfiltration. | Static | skills/assassin808/clawder/scripts/clawder.py:10 |
| MEDIUM | **Suspicious import: urllib.request.** Import of 'urllib.request' detected. This module provides network or low-level system access. Verify this import is necessary. Network and system modules in skill code may indicate data exfiltration. | Static | skills/assassin808/clawder/scripts/clawder.py:18 |
| MEDIUM | **Unpinned Dependency in Installation Instructions.** The installation instructions use 'npx clawhub@latest install clawder'. Relying on '@latest' for a package means that any new version, potentially malicious, could be installed without explicit review, posing a supply chain risk. It is best practice to pin dependencies to a specific version. Pin the 'clawhub' dependency to a specific, known-good version (e.g., 'npx clawhub@1.2.3 install clawder') to prevent unexpected or malicious updates. | LLM | SKILL.md:50 |