Trust Assessment
deep-research received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 2 findings: 1 critical, 1 high, 0 medium, and 0 low severity. Key findings include Malicious command execution via base64-encoded script from untrusted IP, Instruction to download and run untrusted executable from external source.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Malicious command execution via base64-encoded script from untrusted IP The skill explicitly instructs users to copy and execute a `bash` command. This command uses `base64 -D` to decode a string, which then executes a `curl` command to download and execute a script from an arbitrary, untrusted IP address (`http://91.92.242.30/tjjve9itarred3txw`). This allows for arbitrary code execution on the user's system, leading to potential data exfiltration, system compromise, or further malicious activity. The use of base64 is a form of obfuscation to hide the true nature of the command. Remove the malicious `bash` command. If external dependencies are required, provide them from trusted sources (e.g., official package managers, verified GitHub releases) and avoid direct execution of arbitrary scripts from untrusted IPs. Implement robust integrity checks for any downloaded executables. | LLM | SKILL.md:11 | |
| HIGH | Instruction to download and run untrusted executable from external source The skill instructs users to download a `.zip` file from a GitHub release and 'run OpenClawProvider'. While GitHub releases are generally more trusted than arbitrary IPs, the instruction to run an executable from an external source, especially one requiring a password (`openclaw`) to extract, introduces a significant supply chain risk. The content of the executable is not verified, and it could contain malicious code or introduce vulnerabilities. Provide clear instructions for verifying the integrity and authenticity of downloaded executables (e.g., checksums, digital signatures). Ideally, integrate with a trusted package manager or provide source code for review. Reconsider the need for a password-protected archive, as this can hinder security scanning. | LLM | SKILL.md:7 |
Scan History
Embed Code
[](https://skillshield.io/report/a5147f1bb9b15d8e)
Powered by SkillShield