Trust Assessment
clawstin received a trust score of 93/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 2 findings: 0 critical, 0 high, 1 medium, and 1 low severity. Key findings include Potential Prompt Injection via External Data Fetch, Agent's Identity Transmitted to External API.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Potential Prompt Injection via External Data Fetch The skill instructs the agent to fetch content from `https://clawstin.com/llms.txt` and use it for event details and event slugs. If the content of this external, untrusted `.txt` file is not rigorously sanitized and validated before being processed by the agent, it could contain malicious instructions or data designed to manipulate the agent's behavior (e.g., prompt injection). The skill explicitly states, 'This file is kept current and should be checked before answering questions about upcoming events' and 'Get event slugs from https://clawstin.com/llms.txt', indicating direct consumption of this external content. Implement robust sanitization and validation of content fetched from `https://clawstin.com/llms.txt` to prevent prompt injection or other forms of agent manipulation. Ensure the agent only extracts expected data (e.g., event names, dates, slugs) and does not interpret arbitrary text as instructions. Consider using a structured data format (e.g., JSON) with schema validation instead of plain text. | LLM | SKILL.md:22 | |
| LOW | Agent's Identity Transmitted to External API The `RSVP to an Event` API call explicitly requires the `botName` field, which transmits the agent's identity to the `https://clawstin.com/api/rsvp` endpoint. While this is an explicit part of the skill's functionality, sending agent-specific metadata to a third-party service could be considered a minor privacy concern or an excessive permission if the agent's identity is intended to remain private or if it's not explicitly consented to by the user. This data could potentially be used for tracking agent usage. Clarify the purpose and privacy implications of transmitting `botName` to the external service. Consider making `botName` optional or using an anonymized identifier if agent identity is not strictly necessary for the API's function. Ensure users are aware that agent metadata is shared with third-party services. | LLM | SKILL.md:60 |
Scan History
Embed Code
[](https://skillshield.io/report/651c23d8f18981f6)
Powered by SkillShield