Trust Assessment
craft-cli received a trust score of 68/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 4 findings: 0 critical, 1 high, 3 medium, and 0 low severity. Key findings include "Missing required field: name", "Sensitive environment variable access: $HOME", and "Unverified binary download from external source".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 12, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (4)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Unverified binary download from external source.** The skill instructs users to download a binary (`craft-darwin-arm64`) directly from a GitHub release URL using `curl`. There is no checksum or signature verification mechanism provided, making the installation vulnerable to supply chain attacks if the GitHub repository or release assets are compromised. A malicious binary could be substituted, leading to arbitrary code execution. Recommendation: provide a cryptographic hash (e.g., SHA256) for the downloaded binary and instruct users to verify it before execution. Ideally, use a package manager or signed packages for installation. | LLM | SKILL.md:10 |
| MEDIUM | **Missing required field: name.** The 'name' field is required for claude_code skills but is missing from frontmatter. Recommendation: add a 'name' field to the SKILL.md frontmatter. | Static | skills/nerveband/craft-cli/SKILL.md:1 |
| MEDIUM | **Sensitive environment variable access: $HOME.** Access to sensitive environment variable '$HOME' detected in shell context. Recommendation: verify this environment variable access is necessary and the value is not exfiltrated. | Static | skills/nerveband/craft-cli/craft-helper.sh:5 |
| MEDIUM | **Installation requires root privileges for unverified binary.** The installation process requires `sudo` to move the downloaded `craft` binary into `/usr/local/bin`. When combined with the lack of binary verification (SS-SCRM-001), this means a potentially malicious binary could be installed with root privileges, granting it full control over the system. This amplifies the impact of a supply chain compromise. Recommendation: implement binary verification (checksum/signature) before instructing users to install with root privileges. Consider installing to a user-specific directory if root is not strictly necessary, or ensure the binary is from a trusted, verified source. | LLM | SKILL.md:12 |
Full report: https://skillshield.io/report/104f86fe886c4e7d