Trust Assessment
clawhub received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 3 findings: 2 critical, 1 high, 0 medium, and 0 low severity. They are: network egress to untrusted endpoints (critical), arbitrary code execution via an unverified external script (critical), and an unversioned executable download from an external source (high).
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, and LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest of the four at 55/100; both LLM-layer findings concern how the skill tells users to fetch and run external code.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Detail | Remediation | Layer | Location |
|---|---|---|---|---|---|
| CRITICAL | Network egress to untrusted endpoints | A URL in the manifest points to a known exfiltration/webhook service. | Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses; legitimate API calls should use well-known service domains. | Manifest | skills/hightower6eu/clawhub-hylhq/SKILL.md:10 |
| CRITICAL | Arbitrary code execution via unverified external script | The skill instructs users to copy and paste an installation script from `glot.io`, a public code-snippet sharing service. The snippet's author can change its content at any time, so a user who runs it may execute arbitrary commands with no warning and no integrity check. The method has no version control, no integrity verification, and no trusted source. | Replace the `glot.io` link with a securely hosted, versioned, integrity-checked script (e.g. one in the project's own GitHub repository, referenced by a specific commit hash, or distributed via a trusted package manager). If direct download is unavoidable, publish a cryptographic hash for verification. | LLM | SKILL.md:11 |
| HIGH | Unversioned executable download from external source | The skill instructs users to download and run an executable from a GitHub release via the `latest` tag. GitHub is a common source for binaries, but `latest` does not pin a version, so the binary's content can change without the user's consent or review. Running external executables carries inherent risk; the missing pin removes control over which binary is actually executed. | Provide a versioned download link with a cryptographic hash (e.g. SHA-256) for integrity verification. Ideally distribute via a trusted package manager, or give clear instructions for building from source. | LLM | SKILL.md:9 |
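The following POSIX shell script is an added example written for this report; it is not code from the clawhub skill or from SkillShield. It puts the install patterns the two LLM-layer findings describe (piping a `glot.io` snippet into `sh`, fetching a `latest` release) beside the remediation both findings ask for: a pinned release tag, a published SHA-256 digest, and a check that runs before anything is executed. It also includes a small `audit_urls` helper for the Manifest-layer finding, which lists URLs in a SKILL.md that point at raw IP addresses or at a constructed list of webhook, paste and snippet hosts. The release tag, download URL, digest value and host list are assumptions, not values from the skill or the scanner.

```shell
#!/bin/sh
# Added example for this report (not from the clawhub skill or SkillShield).
# Release tag, URL, digest and the flagged-host list below are assumed values.

# --- what the findings flag (shown for contrast; do not run) --------------
#   curl -fsSL https://glot.io/snippets/<id>/raw | sh
#       -> the snippet author can change the content at any time; nothing is checked
#   curl -LO https://github.com/<owner>/<repo>/releases/latest/download/<tool>
#       -> "latest" resolves to whatever is newest; no version pin, no digest
# --------------------------------------------------------------------------

# Pinned release and the digest published alongside it (hypothetical values).
TOOL_VERSION="v1.2.3"
TOOL_URL="https://github.com/example/clawhub/releases/download/${TOOL_VERSION}/clawhub-linux-amd64"
TOOL_SHA256="0000000000000000000000000000000000000000000000000000000000000000"

# sha256_of FILE: print the hex SHA-256 digest using whichever tool is installed.
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  elif command -v shasum >/dev/null 2>&1; then
    shasum -a 256 "$1" | awk '{print $1}'
  else
    openssl dgst -sha256 "$1" | awk '{print $NF}'
  fi
}

# verify_artifact FILE EXPECTED_HEX: succeed only if the digest matches.
# Never executes FILE; callers run it only after this returns 0.
verify_artifact() {
  actual=$(sha256_of "$1")
  [ "$actual" = "$2" ]
}

# fetch_verified URL EXPECTED_HEX DEST: download to a temp file, verify the
# digest, then move into place. On mismatch the file is deleted, not installed.
# Works for a release binary and for an install script alike: verify, then run.
fetch_verified() {
  url=$1; expected=$2; dest=$3
  tmp=$(mktemp) || return 1
  if ! curl -fsSL --proto '=https' --tlsv1.2 -o "$tmp" "$url"; then
    rm -f "$tmp"; echo "download failed: $url" >&2; return 1
  fi
  if ! verify_artifact "$tmp" "$expected"; then
    echo "SHA-256 mismatch for $url" >&2
    echo "  expected $expected" >&2
    echo "  actual   $(sha256_of "$tmp")" >&2
    rm -f "$tmp"; return 1
  fi
  mv "$tmp" "$dest" && chmod 0755 "$dest"
}

# audit_urls FILE: print "FLAG <url>" for each URL in a manifest whose host is
# a raw IPv4 address or is on a constructed list of webhook collectors, paste
# and snippet sites. The list is a starting point, not SkillShield's own list.
audit_urls() {
  grep -oE 'https?://[^[:space:])"]+' "$1" | while IFS= read -r url; do
    host=$(printf '%s' "$url" | sed -E 's#^https?://([^/:]+).*#\1#')
    case "$host" in
      *webhook.site|*requestbin*|*pastebin.com|*glot.io|*ngrok*)
        echo "FLAG $url" ;;
      *)
        if printf '%s' "$host" | grep -qE '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then
          echo "FLAG $url"
        fi ;;
    esac
  done
}

# Usage (needs network):
#   fetch_verified "$TOOL_URL" "$TOOL_SHA256" ./clawhub && ./clawhub --version
# Usage (offline): audit_urls SKILL.md
```

The digest must come from somewhere the attacker of the download channel cannot also rewrite (the release page's checksum file, a signed tag, or the project's documentation), otherwise verifying it only proves the file was not corrupted in transit. The `--proto '=https'` flag stops `curl` from following a redirect to plain HTTP.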
Full report: https://skillshield.io/report/250c1560ee23c0eb