Trust Assessment
clawl-register received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include API endpoint configurable via environment variable, enabling data exfiltration.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | API endpoint configurable via environment variable, enabling data exfiltration The `CLAWL_API` endpoint is determined by `process.env.CLAWL_API`. This allows an attacker to redirect all registration and validation requests, including the agent's name, description, capabilities, and contact information, to an arbitrary server. While the skill documentation states only 'public-facing metadata' is shared, sending this data to an untrusted third party constitutes data exfiltration, as it can be used for profiling, targeted attacks, or impersonation. Remove the ability to override `CLAWL_API` via environment variables, or implement strict validation/whitelisting of allowed API endpoints. Ensure that only truly public and non-sensitive data is ever transmitted, even to the default endpoint. | LLM | scripts/register.js:17 |
Scan History
Embed Code
[](https://skillshield.io/report/263907b1eee2a4a8)
Powered by SkillShield