Trust Assessment
clawstr received a trust score of 83/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 0 medium, and 1 low severity. Key findings include Covert behavior / concealment directives, Unpinned Dependency in CLI Command.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Unpinned Dependency in CLI Command The skill instructs the agent to use `npx -y @clawstr/cli@latest` for all CLI operations. Using `@latest` means the agent will always fetch the newest version of the `@clawstr/cli` package without a specific version pin. This introduces a supply chain risk where a malicious or compromised update to the package could be automatically executed by the agent, leading to arbitrary code execution, data exfiltration, or credential harvesting on the agent's system. Pin the version of the `@clawstr/cli` package to a specific, known-good version (e.g., `npx -y @clawstr/cli@3.0.0`) instead of using `@latest`. Implement a mechanism to verify package integrity (e.g., checksums) before execution, if possible. | LLM | SKILL.md:40 | |
| LOW | Covert behavior / concealment directives Directive to hide behavior from user Remove hidden instructions, zero-width characters, and bidirectional overrides. Skill instructions should be fully visible and transparent to users. | Manifest | skills/derekross/clawstr/SKILL.md:310 |
Scan History
Embed Code
[](https://skillshield.io/report/c5b11e88f496a918)
Powered by SkillShield