Trust Assessment
clawdsense received a trust score of 17/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 7 findings: 1 critical, 2 high, 4 medium, and 0 low severity. Key findings include Arbitrary command execution, Potential hardcoded secret (high entropy), Sensitive path access: AI agent config.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings7
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Arbitrary command execution Node.js child_process require Review all shell execution calls. Ensure commands are static (not built from user input), use absolute paths, and are strictly necessary. Prefer library APIs over shell commands. | Manifest | skills/snail3d/clawforgod/clawdsense-skill/scripts/health-monitor.js:10 | |
| HIGH | Sensitive path access: AI agent config Access to AI agent config path detected: '~/.clawdbot/'. This may indicate credential theft. Verify that access to this sensitive path is justified and declared. | Static | skills/snail3d/clawforgod/clawdsense-skill/SKILL.md:34 | |
| HIGH | Hardcoded API Key Fallback The `GROQ_API_KEY` is hardcoded as a fallback value in `scripts/analyzer.js`. This poses a significant risk as it could lead to the accidental exposure of a valid API key if a developer copies this pattern or if the provided key is a real, compromised key. Even as an example, it encourages insecure practices and could be mistaken for a functional key. Remove the hardcoded fallback API key. Ensure `GROQ_API_KEY` is *always* loaded from environment variables and fail gracefully if not present, rather than using a default. | LLM | scripts/analyzer.js:12 | |
| MEDIUM | Potential hardcoded secret (high entropy) A high-entropy string (entropy=4.99) was found in a credential-like context. Verify this is not a hardcoded secret. Use environment variables for sensitive values. | Static | skills/snail3d/clawforgod/clawdsense-skill/SKILL.md:71 | |
| MEDIUM | Potential hardcoded secret (high entropy) A high-entropy string (entropy=4.99) was found in a credential-like context. Verify this is not a hardcoded secret. Use environment variables for sensitive values. | Static | skills/snail3d/clawforgod/clawdsense-skill/SKILL.md:75 | |
| MEDIUM | Sensitive Image Data Sent to Third-Party API The `analyzeWithGroq` function in `scripts/analyzer.js` reads image data from the local filesystem and sends it, along with a descriptive prompt, to the Groq Vision API. The prompt explicitly asks for details like 'Who is present? What are they doing? Describe the environment,' indicating that potentially sensitive personal and environmental information will be transmitted to a third-party service for analysis. While this is the skill's intended function, users should be fully aware of the privacy implications of sending such data externally. Provide explicit and prominent disclosure to the user about the type of sensitive data (e.g., images of people, activities, environment) being sent to a third-party AI service (Groq Vision API) for analysis. Consider offering options for local processing or anonymization if privacy is a major concern. | LLM | scripts/analyzer.js:20 | |
| MEDIUM | Unrestricted File Extension Upload The `media-receiver.js` script uses `multer` to store uploaded files. The `filename` generation uses `path.extname(file.originalname)`, which allows an attacker to specify any file extension for uploaded files. While the `analyzer.js` only processes specific image types, an attacker could upload malicious files (e.g., `.sh`, `.html`, `.js`, `.exe`) to the `~/.clawdbot/media/inbound` directory. If another process or user were to interact with these files, it could lead to further compromise. Implement a strict whitelist of allowed file extensions (e.g., `.jpg`, `.jpeg`, `.wav`, `.avi`) in the `multer` configuration to prevent the upload of potentially malicious file types. Reject any uploads that do not match the allowed extensions. | LLM | scripts/media-receiver.js:29 |
Scan History
Embed Code
[](https://skillshield.io/report/628c44b83ae9eeeb)
Powered by SkillShield