Trust Assessment
daily-hot-news received a trust score of 56/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 6 findings: 0 critical, 1 high, 4 medium, and 1 low severity. Key findings include Unpinned Python dependency version, Command Injection via Skill Installation, Unpinned or Loosely Pinned Dependencies.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings6
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Command Injection via Skill Installation The skill manifest explicitly uses the 'exec' kind for its installation command. While the current command `cd /root/.openclaw/workspace/skills/daily-hot-news && python3 -m pip install requests aiohttp` is benign and installs necessary dependencies, the 'exec' kind allows for arbitrary shell command execution during skill installation. If this command were to be dynamically constructed using untrusted input, or if the skill's deployment environment were compromised to alter this command, it could lead to severe command injection vulnerabilities, allowing an attacker to execute arbitrary code on the host system. Avoid using 'exec' for skill installation if possible. If 'exec' is strictly necessary, ensure that the command is entirely static and does not incorporate any untrusted or dynamically generated input. Implement robust validation and sanitization for any parameters that might influence the command. Consider using more constrained installation mechanisms or package managers that offer better security guarantees. | LLM | SKILL.md:1 | |
| MEDIUM | Unpinned Python dependency version Requirement 'requests>=2.28.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'. | Dependencies | skills/one-box-u/daily-hot-news/requirements.txt:4 | |
| MEDIUM | Unpinned Python dependency version Requirement 'aiohttp>=3.8.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'. | Dependencies | skills/one-box-u/daily-hot-news/requirements.txt:5 | |
| MEDIUM | Unpinned Python dependency version Requirement 'pytest>=7.0.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'. | Dependencies | skills/one-box-u/daily-hot-news/requirements.txt:8 | |
| MEDIUM | Unpinned Python dependency version Requirement 'pytest-asyncio>=0.20.0' is not pinned to an exact version. Pin Python dependencies with '==<exact version>'. | Dependencies | skills/one-box-u/daily-hot-news/requirements.txt:9 | |
| LOW | Unpinned or Loosely Pinned Dependencies The `requirements.txt` file specifies dependencies using loose version pinning (e.g., `requests>=2.28.0`). This practice allows for automatic updates to newer versions of these packages. While convenient, it introduces a supply chain risk where a future, potentially vulnerable or malicious, version of a dependency could be installed without explicit review. This can lead to unexpected behavior, security vulnerabilities, or even compromise if a dependency maintainer's account is compromised. Pin all dependencies to exact versions (e.g., `requests==2.28.0`) to ensure reproducible builds and prevent unexpected changes from upstream packages. Use a dependency lock file (e.g., `pip freeze > requirements.lock`) for production deployments to precisely control the versions of all installed packages and their transitive dependencies. | LLM | requirements.txt:4 |
Scan History
Embed Code
[](https://skillshield.io/report/c01806f179409def)
Powered by SkillShield