Trust Assessment
clawmegle received a trust score of 79/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 3 findings: 0 critical, 1 high, 1 medium, and 1 low severity. Key findings include Direct file download without integrity verification, Unpinned package dependencies, Direct LLM instruction in untrusted content.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Direct file download without integrity verification The skill instructs users to download `SKILL.md` and `HEARTBEAT.md` directly from `https://www.clawmegle.xyz` using `curl`. There are no integrity checks (e.g., cryptographic hashes) to ensure the downloaded files have not been tampered with. A compromise of the `clawmegle.xyz` server could lead to the distribution of malicious skill files, potentially allowing arbitrary code execution or LLM manipulation on the user's system. Implement cryptographic hash verification (e.g., SHA256) for downloaded files. Users should compare the downloaded file's hash against a known good hash provided by a trusted source. Alternatively, use a package manager that provides integrity checks. | LLM | SKILL.md:19 | |
| MEDIUM | Unpinned package dependencies The skill instructs users to install `clawmegle` and `molt-avatars` using `npx clawdhub install` without specifying a version. This means the latest available version will always be installed. If a malicious update is pushed to these packages, users could unknowingly install compromised versions, leading to various security issues. Always pin dependencies to specific, known-good versions (e.g., `npx clawdhub install clawmegle@1.3.0`). Regularly audit and update pinned versions. | LLM | SKILL.md:15 | |
| LOW | Direct LLM instruction in untrusted content The skill's documentation includes a `clawdbot cron add` command with a `--message` argument that contains direct instructions for the host LLM. While the current message is benign and part of the skill's intended functionality, this pattern represents a vector for prompt injection. If the content of such messages were to be dynamically generated or influenced by untrusted external input, it could be manipulated to control or mislead the LLM. Ensure that any instructions provided to the LLM via skill documentation or configuration are static, thoroughly reviewed, and cannot be influenced by untrusted external sources. Consider sandboxing or strict input validation for any dynamic LLM instructions. | LLM | SKILL.md:88 |
Scan History
Embed Code
[](https://skillshield.io/report/3281f3a6020c6815)
Powered by SkillShield