Trust Assessment
clawstrike received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 1 critical, 2 high, 0 medium, and 0 low severity. Key findings include Unconsented Shell Script Execution, Direct Execution of Local Shell Script, Conditional Direct Execution of Local Shell Script with Argument.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 40/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Unconsented Shell Script Execution The skill explicitly instructs the host LLM to execute a local shell script (`scripts/collect_verified.sh`) immediately and without requiring user consent. This bypasses a fundamental safety mechanism and allows arbitrary code execution on the host system without user approval. The content of `scripts/collect_verified.sh` is unknown and could contain malicious commands. Remove the instruction to bypass consent. Always require explicit user consent before executing any shell script, especially those that collect system information. Implement strict sandboxing for all script executions. | LLM | SKILL.md:10 | |
| HIGH | Direct Execution of Local Shell Script The skill instructs the host LLM to execute a local shell script (`scripts/collect_verified.sh`). The contents and behavior of this script are not provided in the skill context. Executing arbitrary local scripts can lead to command injection, data exfiltration, or system compromise if the script is malicious or has vulnerabilities. Although the skill mentions a 'strict allowlist', the script itself is the executor of commands. Review the `scripts/collect_verified.sh` script thoroughly for malicious commands, excessive permissions, or vulnerabilities. Ensure all script executions are sandboxed and adhere to a strict allowlist of safe commands and arguments. Consider providing the script content for analysis or using built-in, sandboxed functions instead. | LLM | SKILL.md:20 | |
| HIGH | Conditional Direct Execution of Local Shell Script with Argument The skill instructs the host LLM to conditionally execute a local shell script (`scripts/collect_verified.sh --deep`). The contents and behavior of this script are not provided in the skill context. Executing arbitrary local scripts can lead to command injection, data exfiltration, or system compromise if the script is malicious or has vulnerabilities. The `--deep` argument could potentially trigger more extensive or privileged operations. Review the `scripts/collect_verified.sh` script thoroughly for malicious commands, excessive permissions, or vulnerabilities, especially considering the `--deep` argument. Ensure all script executions are sandboxed and adhere to a strict allowlist of safe commands and arguments. Consider providing the script content for analysis or using built-in, sandboxed functions instead. | LLM | SKILL.md:21 |
Scan History
Embed Code
[](https://skillshield.io/report/30984c3c7f158d10)
Powered by SkillShield