Trust Assessment
desktop-pet received a trust score of 68/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 0 critical, 2 high, 1 medium, and 0 low severity. Key findings include Cloning untrusted or unverified repository, Unvetted dependencies via `npm install`, API key stored in local configuration file.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 63/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Cloning untrusted or unverified repository The skill instructs users to clone a repository (`git clone https://github.com/kk43994/claw-desktop-pet.git`). This action downloads all code from the specified GitHub repository. If the repository is compromised, or if the maintainer introduces malicious code, the user would be executing potentially harmful software on their system. Users are implicitly trusting the integrity and security of the `kk43994/claw-desktop-pet` repository. Recommend users verify the authenticity and integrity of the repository (e.g., by reviewing the code, checking for signed commits/tags, or using trusted mirrors) before cloning and executing its contents. | LLM | SKILL.md:32 | |
| HIGH | Unvetted dependencies via `npm install` The skill instructs users to run `npm install`, which downloads and executes code from potentially numerous third-party packages defined in the project's `package.json` (not provided here). Without explicit dependency pinning (e.g., exact versions) and thorough vetting of all transitive dependencies, this process introduces a significant supply chain risk. A malicious or compromised package could execute arbitrary code on the user's system with the permissions of the user running the command. Implement strict dependency version pinning in `package.json` (e.g., using `package-lock.json` or exact versions). Regularly audit dependencies for known vulnerabilities using tools like Snyk or Dependabot. Consider using `npm ci` in automated environments for stricter dependency management. | LLM | SKILL.md:35 | |
| MEDIUM | API key stored in local configuration file The skill instructs users to store their MiniMax API key and voice ID directly in `pet-config.json`. Storing sensitive credentials in a local, plain-text configuration file makes them vulnerable to exposure. If the skill's code (not provided in this context) is compromised or designed maliciously, it could exfiltrate these credentials. Additionally, other local processes or malware could potentially access this file. For production or sensitive environments, consider using environment variables, a secure secrets manager, or a more robust credential management system instead of plain-text configuration files. Ensure `pet-config.json` is excluded from version control (e.g., via `.gitignore`). | LLM | SKILL.md:49 |
Scan History
Embed Code
[](https://skillshield.io/report/304ab0784c9d9928)
Powered by SkillShield