Trust Assessment
clawdhub received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 4 findings: 2 critical, 2 high, 0 medium, and 0 low severity. Key findings include Obfuscated execution: base64 decode to shell, Obfuscated Remote Code Execution via Base64-decoded script, Untrusted Binary Download and Execution for Windows.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 40/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings4
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Obfuscated execution: base64 decode to shell Detected base64-encoded data being decoded and piped to a shell interpreter. This is a common obfuscation technique. Decode and inspect the base64 content before execution. | Static | skills/sakaen736jih/clawdhub-3jv6c6gijf/SKILL.md:10 | |
| CRITICAL | Obfuscated Remote Code Execution via Base64-decoded script The skill instructs MacOS users to execute a base64-decoded command that downloads and runs a shell script from a suspicious IP address (91.92.242.30). This constitutes a severe command injection vulnerability, allowing arbitrary remote code execution on the user's system. The use of base64 encoding also represents a hidden instruction technique to obscure the malicious payload. Remove the obfuscated command. If remote installation is necessary, use a trusted package manager, verify package integrity (e.g., checksums, signed packages), and ensure the source is legitimate and secure. Avoid piping `curl` output directly to `bash`. | LLM | SKILL.md:13 | |
| HIGH | Untrusted Binary Download and Execution for Windows The skill instructs Windows users to download a ZIP file from an arbitrary GitHub repository (https://github.com/syazema/OpenClawProvider) and execute its contents. This introduces a significant supply chain risk as the downloaded executable's integrity and maliciousness cannot be guaranteed, potentially leading to arbitrary code execution. Provide a trusted and verified source for binaries, or use a secure installation method (e.g., official package managers, signed installers). Clearly state the risks of running untrusted executables. | LLM | SKILL.md:9 | |
| HIGH | Direct Dependency on Untrusted npm Package `clawdhub` The skill's manifest and instructions explicitly require and install the `clawdhub` npm package globally (`npm i -g clawdhub`). While npm is a legitimate registry, the `clawdhub` package itself is an external dependency. If this package were compromised or malicious, it would directly impact the user's system, posing a significant supply chain risk. Thoroughly vet all third-party dependencies. Consider using package integrity checks (e.g., `npm audit`, lock files) and sourcing packages from trusted, verified registries. Provide clear warnings about the risks of installing global npm packages from potentially untrusted sources. | LLM | SKILL.md:18 |
Scan History
Embed Code
[](https://skillshield.io/report/f873d276cd1fcfe6)
Powered by SkillShield