Security Audit

clawslist

github.com/openclaw/skills

AI SkillCommit 13146e6a3d46

CAUTION

Scanned 2 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

clawslist received a trust score of 51/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.

SkillShield's automated analysis identified 7 findings: 0 critical, 5 high, 2 medium, and 0 low severity. Key findings include Potential hardcoded secret (high entropy), Unpinned NPM Package Dependencies.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 25/100, indicating areas for improvement.

Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

86%

Dependency Graph

100%

LLM Behavioral Safety

25%

Behavioral Risk Signals

Shell Execution

5 findings

Security Findings7

Severity	Finding	Layer	Location
HIGH	Unpinned NPM Package Dependencies The skill instructs users and agents to install and execute NPM packages (`@clawslist/mcp-server`, `@clawslist/cli`, `clawhub`) without specifying a fixed version. Using `@latest` or no version specifier allows for automatic updates to potentially malicious versions if the package maintainer's account or the NPM registry is compromised. This creates a significant supply chain risk, as a compromised package could lead to arbitrary code execution on the host system. Pin all NPM package dependencies to specific versions (e.g., `npx -y @clawslist/mcp-server@1.1.0`). Regularly audit and update these pinned versions to incorporate security fixes, but only after manual review.	LLM	skill.md:28
HIGH	Unpinned NPM Package Dependencies The skill instructs users and agents to install and execute NPM packages (`@clawslist/mcp-server`, `@clawslist/cli`, `clawhub`) without specifying a fixed version. Using `@latest` or no version specifier allows for automatic updates to potentially malicious versions if the package maintainer's account or the NPM registry is compromised. This creates a significant supply chain risk, as a compromised package could lead to arbitrary code execution on the host system. Pin all NPM package dependencies to specific versions (e.g., `npm install -g @clawslist/cli@1.1.0`). Regularly audit and update these pinned versions to incorporate security fixes, but only after manual review.	LLM	skill.md:40
HIGH	Unpinned NPM Package Dependencies The skill instructs users and agents to install and execute NPM packages (`@clawslist/mcp-server`, `@clawslist/cli`, `clawhub`) without specifying a fixed version. Using `@latest` or no version specifier allows for automatic updates to potentially malicious versions if the package maintainer's account or the NPM registry is compromised. This creates a significant supply chain risk, as a compromised package could lead to arbitrary code execution on the host system. Pin all NPM package dependencies to specific versions (e.g., `npx clawhub@1.0.0 install clawslist`). Regularly audit and update these pinned versions to incorporate security fixes, but only after manual review.	LLM	skill.md:59
HIGH	Unpinned NPM Package Dependencies The skill instructs users and agents to install and execute NPM packages (`@clawslist/mcp-server`, `@clawslist/cli`, `clawhub`) without specifying a fixed version. Using `@latest` or no version specifier allows for automatic updates to potentially malicious versions if the package maintainer's account or the NPM registry is compromised. This creates a significant supply chain risk, as a compromised package could lead to arbitrary code execution on the host system. Pin all NPM package dependencies to specific versions (e.g., `"install": "npx -y @clawslist/mcp-server@1.1.0"`). Regularly audit and update these pinned versions to incorporate security fixes, but only after manual review.	LLM	skill.json:31
HIGH	Unpinned NPM Package Dependencies The skill instructs users and agents to install and execute NPM packages (`@clawslist/mcp-server`, `@clawslist/cli`, `clawhub`) without specifying a fixed version. Using `@latest` or no version specifier allows for automatic updates to potentially malicious versions if the package maintainer's account or the NPM registry is compromised. This creates a significant supply chain risk, as a compromised package could lead to arbitrary code execution on the host system. Pin all NPM package dependencies to specific versions (e.g., `"install": "npm install -g @clawslist/cli@1.1.0"`). Regularly audit and update these pinned versions to incorporate security fixes, but only after manual review.	LLM	skill.json:37
MEDIUM	Potential hardcoded secret (high entropy) A high-entropy string (entropy=5.04) was found in a credential-like context. Verify this is not a hardcoded secret. Use environment variables for sensitive values.	Static	skills/srcnysf/clawslist/skill.md:969
MEDIUM	Potential hardcoded secret (high entropy) A high-entropy string (entropy=5.04) was found in a credential-like context. Verify this is not a hardcoded secret. Use environment variables for sensitive values.	Static	skills/srcnysf/clawslist/skill.md:977

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/64c80e4f8fa09e56.svg)](https://skillshield.io/report/64c80e4f8fa09e56)