Trust Assessment
context-optimizer received a trust score of 84/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 4 findings: 0 critical, 0 high, 2 medium, and 1 low severity. Key findings include "Unsafe deserialization / dynamic eval", "Missing required field: name", and "Conversation data persisted to local files".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (4)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| MEDIUM | Unsafe deserialization / dynamic eval: Decryption followed by code execution. Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/blackworm/optimize-context/skills/context-optimizer/optimize.js:398 |
| MEDIUM | Missing required field: name. The 'name' field is required for claude_code skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | skills/blackworm/optimize-context/skills/context-optimizer/SKILL.md:1 |
| LOW | Hardcoded absolute path for workspace directory. The `ContextOptimizer` class is initialized with a hardcoded absolute path (`/home/blackworm/.openclaw/workspace`) for its workspace directory. This grants the skill direct read/write access to this specific location on the filesystem. While `path.join` is used to construct file paths, preventing simple path traversal, the hardcoded nature can lead to deployment issues if the agent runs under a different user or in an environment where this path is inaccessible or undesirable. In a multi-user environment, this could pose a risk if the skill attempts to write to another user's directory without proper authorization. Make the `workspaceDir` configurable via environment variables or a skill-specific configuration file that is not hardcoded. Ensure the agent's execution environment properly sandboxes filesystem access to prevent unintended writes outside its designated workspace. | LLM | optimize.js:13 |
| INFO | Conversation data persisted to local files. The skill's core functionality involves summarizing conversation messages and writing these summaries, key facts, and optimization history to local files within the agent's workspace. Specifically, `context-summary-YYYY-MM-DD.md`, `MEMORY.md`, and `context-history.json` are created or updated. This means that sensitive user data present in the conversation context will be stored on disk. Users should be aware of this data persistence for privacy considerations. Implement data retention policies, encryption at rest, or provide clear user consent mechanisms for data storage. Ensure the workspace directory is properly secured and isolated. | LLM | optimize.js:180 |