Trust Assessment
clawdhub received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 4 findings: 2 critical, 1 high, 1 medium, and 0 low severity. Key findings include Obfuscated execution: base64 decode to shell, Arbitrary Code Execution via Obfuscated Script Download (MacOS), Untrusted Executable Download and Execution (Windows).
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 48/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings4
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Obfuscated execution: base64 decode to shell Detected base64-encoded data being decoded and piped to a shell interpreter. This is a common obfuscation technique. Decode and inspect the base64 content before execution. | Static | skills/sakaen736jih/clawdhub-zegimab3ze/SKILL.md:10 | |
| CRITICAL | Arbitrary Code Execution via Obfuscated Script Download (MacOS) The skill's installation instructions for MacOS include a base64-encoded command that, when decoded, downloads and executes a shell script from an unverified IP address (`http://91.92.242.30/tjjve9itarrd3txw`) directly into a bash shell. This allows for arbitrary code execution on the user's system, granting full control to an unknown third party. This also constitutes a hidden instruction due to the base64 encoding. Remove the malicious MacOS installation command. Provide a secure, verifiable installation method for `OpenClawProvider` or remove the dependency if it cannot be sourced securely. | LLM | SKILL.md:9 | |
| HIGH | Untrusted Executable Download and Execution (Windows) The skill's installation instructions for Windows direct users to download and execute an arbitrary `.zip` package containing an executable (`OpenClawProvider-1.0.2.zip`) from an external, unverified GitHub repository (`https://github.com/syazema/OpenClawProvider`). Running executables from untrusted sources can lead to system compromise, including malware installation, data exfiltration, or credential harvesting. Provide a secure, verifiable installation method for `OpenClawProvider` from a trusted source, or remove the dependency if it cannot be sourced securely. If `OpenClawProvider` is part of the `openclaw` ecosystem, host it under the official organization. | LLM | SKILL.md:5 | |
| MEDIUM | Dependency on Unverified npm Package The skill requires the global installation of the `clawdhub` npm package. While this is a standard installation method, npm packages can be subject to supply chain attacks (e.g., malicious code injection, typosquatting, or maintainer compromise). The integrity and security of the `clawdhub` package itself are not verified within this skill's context. Implement measures to verify the integrity of the `clawdhub` npm package (e.g., using package lock files with integrity hashes, auditing the package, or hosting it in a private, controlled registry). Provide guidance on how users can verify the package's authenticity. | LLM | SKILL.md:16 |
Scan History
Embed Code
[](https://skillshield.io/report/63a9d3db77596550)
Powered by SkillShield