Trust Assessment
comment-gen received a trust score of 81/100, placing it in the Mostly Trusted category. The skill passed most security checks; the two findings listed below are the only concerns noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. The key findings are: user code sent to an external LLM (high) and an unpinned dependency in an npx command (medium).
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | User code sent to external LLM. The skill describes a tool that reads user code files and sends their content to an external Large Language Model (GPT-4o-mini) for processing, so any sensitive or proprietary code the tool handles is transmitted to a third-party service and may be exposed there. Recommendation: state the transmission to an external service explicitly, advise against using the tool on highly sensitive or proprietary code, and offer an on-premise or local-only processing option if feasible. | LLM | SKILL.md:67 |
| MEDIUM | Unpinned dependency in npx command. The skill instructs users to run `npx ai-comment` without a version, so npx resolves and executes whatever the package's `latest` dist-tag currently points to (unless the package is already installed in the project). If the maintainer's npm account is compromised, or a malicious actor gains control of the package name, a malicious release would be published and executed automatically by users, a classic supply-chain attack. Recommendation: pin an exact version in every documented npx command (for example `npx ai-comment@1.0.0`) so users execute a known, tested release and are not exposed to whatever is published next. | LLM | SKILL.md:13 |
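As an added example (not SkillShield's or comment-gen's code), the following POSIX shell pre-flight script implements the two recommendations above: it lints a SKILL.md for floating `npx` invocations, treating `@latest` and semver ranges as unpinned as well as a missing version, and it gates a file before it is handed to an external model, refusing credential-looking filenames and secret-like contents. The function names, the regular expressions and the sample files are assumptions constructed for the demonstration.

```sh
#!/bin/sh
# Added example for the two SkillShield findings above. This is not
# SkillShield's or comment-gen's code; file names and sample contents
# below are constructed for the demonstration.
#
#   check_npx_pinned FILE     exit 1 if FILE has an `npx <pkg>` that is not
#                             pinned to an exact x.y.z version
#   guard_before_upload FILE  exit 1 if FILE is a credential file or holds a
#                             secret-looking value, so a wrapper can refuse
#                             to ship it to an external LLM

# Extract every `npx [flags] <package>[@version]` token from a file and
# reject the ones that float: no version, a dist-tag such as @latest, or a
# range such as @^1.0.0. Only an exact x.y.z passes.
check_npx_pinned() {
    status=0
    re='npx([[:space:]]+-[-A-Za-z]+)*[[:space:]]+(@[A-Za-z0-9._-]+/)?[A-Za-z0-9._][A-Za-z0-9._-]*(@[^[:space:]`]+)?'
    while read -r inv; do
        [ -n "$inv" ] || continue
        pkg=$(printf '%s\n' "$inv" | awk '{ print $NF }')   # last field
        case "$pkg" in
            @*/*@*|[!@]*@*) ver=${pkg##*@} ;;   # scoped or plain, has @version
            *)              ver='' ;;           # no version at all
        esac
        case "$ver" in
            [0-9]*.[0-9]*.[0-9]*) ;;            # exact x.y.z: pinned
            *) echo "unpinned npx invocation: $inv" >&2; status=1 ;;
        esac
    done <<EOF
$(grep -oE "$re" "$1" || true)
EOF
    return $status
}

# Refuse to hand a file to an external model when its name marks it as a
# credential store or its contents match a secret-looking value. The
# patterns are deliberately broad (and matched case-insensitively): a false
# positive costs a manual review, a false negative leaks a key to a third party.
guard_before_upload() {
    f=$1
    case "$(basename -- "$f")" in
        .env|.env.*|*.pem|*.key|*.p12|*.pfx|id_rsa|id_ed25519|*credentials*|*secret*)
            echo "refusing to upload $f: credential-looking filename" >&2
            return 1 ;;
    esac
    secret_re="AKIA[0-9A-Z]{16}|-----BEGIN [A-Z ]*PRIVATE KEY-----|(api[_-]?key|secret|token|passw(or)?d)[[:space:]]*[:=][[:space:]]*[\"']?[A-Za-z0-9_/+=-]{16,}"
    if grep -qiE "$secret_re" "$f"; then
        echo "refusing to upload $f: content matches a secret pattern" >&2
        return 1
    fi
    return 0
}

# Constructed sample inputs (not taken from the comment-gen repository).
write_samples() {
    dir=$1
    cat > "$dir/unpinned_SKILL.md" <<'EOF'
Run `npx ai-comment src/` to annotate a directory.
Or `npx -y @acme/commenter@latest src/` for the scoped build.
EOF
    cat > "$dir/pinned_SKILL.md" <<'EOF'
Run `npx ai-comment@1.0.0 src/` to annotate a directory.
Or `npx -y @acme/commenter@2.3.1 src/` for the scoped build.
EOF
    cat > "$dir/secrets.js" <<'EOF'
// constructed sample: an AWS-style access key id left in source
const client = new S3({ accessKeyId: "AKIAIOSFODNN7EXAMPLE" });
EOF
    cat > "$dir/clean.js" <<'EOF'
// constructed sample: ordinary code with nothing sensitive
function add(a, b) { return a + b; }
module.exports = { add };
EOF
}

# Stand-alone demo: `sh preflight.sh demo` runs both checks on the samples.
if [ "${1:-}" = demo ]; then
    d=$(mktemp -d)
    write_samples "$d"
    for f in unpinned_SKILL.md pinned_SKILL.md; do
        check_npx_pinned "$d/$f" && echo "$f: all npx invocations pinned"
    done
    for f in secrets.js clean.js; do
        guard_before_upload "$d/$f" && echo "$f: safe to send"
    done
    rm -rf "$d"
fi
```

The version check is deliberately strict: `npx ai-comment@latest` and `npx ai-comment@^1.0.0` resolve to different code over time just as the bare form does, so only an exact `x.y.z` counts as pinned.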
Full report: https://skillshield.io/report/a990909e65cb90d1 (powered by SkillShield)