Security Audit

create-dxf

github.com/openclaw/skills

AI SkillCommit 13146e6a3d46

TRUSTED

Scanned 2 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

create-dxf received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.

SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Arbitrary File Read via Spec File Path.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

85%

Behavioral Risk Signals

Filesystem Write

1 finding

Shell Execution

1 finding

Excessive Permissions

1 finding

Security Findings1

Severity	Finding	Layer	Location
HIGH	Arbitrary File Read via Spec File Path The `scripts/create_dxf.py` script allows reading arbitrary files from the filesystem. The `load_spec` function directly opens the file path provided as the `path` argument (which originates from the command-line `spec_file` argument) without sufficient validation or sanitization. An attacker (or a malicious prompt to the LLM) could provide a path to a sensitive file (e.g., `/etc/passwd`, `~/.ssh/id_rsa`) as the `spec_file` argument, leading to its content being read into memory. Although `json.load()` would likely fail if the file is not valid JSON, the file's content would still be accessed and potentially exposed through error messages or logs. Implement strict validation for the `spec_file` path. This could involve: 1. Restricting the path to a specific, sandboxed input directory. 2. Ensuring the path is a simple filename and does not contain directory separators (`/`, `\`, `..`). 3. Using a more secure file handling mechanism that prevents reading outside a designated scope. 4. If the skill is intended to only process files generated by the LLM, ensure the LLM is constrained to write to a safe, temporary location and only provide paths within that location.	LLM	scripts/create_dxf.py:108

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/4f87b820cc1f68e1.svg)](https://skillshield.io/report/4f87b820cc1f68e1)