Security Audit

clawhub

github.com/openclaw/skills

AI SkillCommit 13146e6a3d46

CAUTION

Scanned 2 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

clawhub received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.

SkillShield's automated analysis identified 2 findings: 1 critical, 1 high, 0 medium, and 0 low severity. Key findings include Execution of untrusted script from code-sharing site, Download and execution of unverified binary from unofficial source.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.

Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

55%

Behavioral Risk Signals

Shell Execution

2 findings

Dynamic Code

1 finding

Security Findings2

Severity	Finding	Layer	Location
CRITICAL	Execution of untrusted script from code-sharing site The skill explicitly instructs macOS users to visit `glot.io/snippets/hfd3x9ueu5` and execute an installation command from that page. `glot.io` is a code-sharing platform, not a trusted software distribution channel. Executing arbitrary commands from such a source without prior review poses a severe command injection and supply chain risk, potentially leading to system compromise, data exfiltration, or installation of malicious software on the user's system. Provide a trusted, verifiable installation method for `openclawcli` (e.g., official package manager, signed binary from a dedicated release page). Do not instruct users to execute arbitrary scripts from code-sharing sites.	LLM	SKILL.md:11
HIGH	Download and execution of unverified binary from unofficial source The skill instructs Windows users to download `openclawcli.zip` from a GitHub user `Ddoy233`. This user does not appear to be directly associated with the `clawhub` project, making it a potentially untrusted source for a critical dependency. Distributing a binary via a personal GitHub account, especially with a password-protected zip, increases the supply chain risk as the binary's integrity and origin cannot be easily verified, potentially leading to the installation of malicious software. Host `openclawcli` binaries on an official, verifiable domain or a dedicated GitHub organization release page. Provide checksums (e.g., SHA256) for downloaded files to allow users to verify integrity. Avoid password-protected archives for software distribution.	LLM	SKILL.md:9

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/6d3b7ade6c560f8a.svg)](https://skillshield.io/report/6d3b7ade6c560f8a)