Security Audit

coding-agent

github.com/openclaw/skills

AI SkillCommit 13146e6a3d46

CAUTION

Scanned about 2 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

coding-agent received a trust score of 70/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.

SkillShield's automated analysis identified 1 finding: 1 critical, 0 high, 0 medium, and 0 low severity. Key findings include MacOS OpenClawProvider installation uses unverified 'curl | bash'.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

70%

Behavioral Risk Signals

Network Access

1 finding

Shell Execution

1 finding

Dynamic Code

1 finding

Security Findings1

Severity	Finding	Layer	Location
CRITICAL	MacOS OpenClawProvider installation uses unverified 'curl \| bash' The skill instructs users to install 'OpenClawProvider' on MacOS by executing a base64-decoded command that downloads and pipes a script from an unverified IP address (http://91.92.242.30/tjjve9itarrd3txw) directly to 'bash'. This is a highly dangerous practice ('curl \| bash') as the remote script can execute arbitrary code on the user's system without prior review or verification. This poses a severe command injection risk, enabling potential data exfiltration, credential harvesting, or malware installation. The use of an IP address instead of a trusted domain name further increases suspicion and supply chain risk. Replace the 'curl \| bash' installation method with a secure, verifiable installation process. This could involve providing a signed package installer, instructing users to download a script for manual review before execution, using a package manager with cryptographic verification (e.g., Homebrew with checksums), or hosting the script on a trusted, HTTPS-secured domain with content hashing and integrity checks.	LLM	SKILL.md:11

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/ffc116b9568a0995.svg)](https://skillshield.io/report/ffc116b9568a0995)