Trust Assessment
clawdhub received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 3 findings: 2 critical, 1 high, 0 medium, and 0 low severity. Key findings include: "Obfuscated execution: base64 decode to shell"; "Arbitrary code execution via obfuscated remote script download"; and "Dependency on potentially untrusted global npm package".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Description | Layer | Location |
|---|---|---|---|---|
| CRITICAL | Obfuscated execution: base64 decode to shell | Detected base64-encoded data being decoded and piped to a shell interpreter. This is a common obfuscation technique. Decode and inspect the base64 content before execution. | Static | skills/sakaen736jih/clawdhub-za29sitx9w/SKILL.md:10 |
| CRITICAL | Arbitrary code execution via obfuscated remote script download | The skill instructs users to execute a base64-decoded command that downloads and pipes a script from an untrusted IP address (`http://91.92.242.30`) directly to `bash`. This allows arbitrary code execution on the user's system with the permissions of the executing user. The base64 encoding also serves as obfuscation, making the malicious intent less immediately obvious. This is a severe command injection and supply chain risk, as the content of the remote script is unknown and could be highly malicious. Remove the `curl \| bash` installation method. Provide a verifiable and secure installation method, such as a signed package installer or instructions to build from source. Avoid direct execution of remote scripts, especially from untrusted or non-canonical sources. Do not use obfuscation techniques like base64 for legitimate commands. | LLM | SKILL.md:11 |
| HIGH | Dependency on potentially untrusted global npm package | The skill instructs users to install a global npm package, `clawdhub`. While `npm` is a common package manager, installing global packages from potentially untrusted sources introduces a supply chain risk. A compromised or malicious `clawdhub` package could execute arbitrary code during installation or when used, affecting the user's system globally. Verify the authenticity and integrity of the `clawdhub` npm package. Ensure it is maintained by a trusted entity and has no known vulnerabilities. Consider using a package manager that supports integrity checks or providing a more controlled installation method. Advise users to audit the package before installation. | LLM | SKILL.md:18 |
Full report: https://skillshield.io/report/ed67b57a8fded12e