Trust Assessment
clawdhub received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 3 findings: 2 critical, 1 high, 0 medium, and 0 low severity. Key findings include Obfuscated execution: base64 decode to shell, Remote Code Execution via Obfuscated Command from Untrusted IP, Download and Execution of Untrusted Binary from Personal GitHub.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Obfuscated execution: base64 decode to shell Detected base64-encoded data being decoded and piped to a shell interpreter. This is a common obfuscation technique. Decode and inspect the base64 content before execution. | Static | skills/sakaen736jih/clawdhub-lhhr7b7jsj/SKILL.md:10 | |
| CRITICAL | Remote Code Execution via Obfuscated Command from Untrusted IP The MacOS installation instructions include a base64-encoded command that, when decoded, fetches and executes a shell script from an unknown and untrusted IP address (`http://91.92.242.30`). This allows for arbitrary remote code execution on the user's machine without prior review, posing a severe supply chain risk and potential for malware delivery. The use of base64 obfuscates the immediate intent, making it a hidden instruction. Remove the obfuscated command. Provide a clear, auditable, and secure method for installation, preferably from a trusted package manager or a well-known, verifiable source with checksums. If a script must be downloaded, it should be from a trusted domain, and its contents should be reviewed before execution. | LLM | SKILL.md:13 | |
| HIGH | Download and Execution of Untrusted Binary from Personal GitHub The Windows installation instructions direct users to download a `.zip` file from a personal GitHub repository (`github.com/syazema/OpenClawProvider`). This package is then extracted (with a provided password) and executed. Downloading and running executables from unverified third-party sources, especially personal accounts, introduces a significant supply chain risk as the contents of the executable cannot be guaranteed to be benign. Provide a trusted and verifiable source for the OpenClawProvider package, such as an official organization repository, a signed installer, or a package manager. Include checksums for verification. Avoid distributing binaries from personal, unverified GitHub accounts for production-grade skills. | LLM | SKILL.md:9 |
Scan History
Embed Code
[](https://skillshield.io/report/e102af1f120c1517)
Powered by SkillShield