Trust Assessment
discord-voice-memo-upgrade received a trust score of 10/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 13 findings: 0 critical, 1 high, 11 medium, and 1 low severity. Key findings include Unsafe deserialization / dynamic eval, Missing required field: name, Unpinned npm dependency version.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The Manifest Analysis layer scored lowest at 51/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (13)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Instructions for manual modification of core system files: the `SKILL.md` documentation instructs users to manually copy patch files directly into the `node_modules` directory of the `clawdbot` installation. This involves overwriting core system files (`dispatch-from-config.js` and `tts.js`). This is a highly privileged operation that bypasses standard package management and security checks. If the patch files were malicious or contained vulnerabilities, this installation method would lead to a severe compromise of the host system. Avoid instructing users to manually modify core system files. Distribute changes as a proper plugin, a fork, or contribute them upstream to `clawdbot` for official integration. If manual patching is absolutely necessary, provide strong warnings, cryptographic checksums for patch files, and clear instructions for verification. | LLM | SKILL.md:28 |
| MEDIUM | Unsafe deserialization / dynamic eval: decryption followed by code execution. Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/koto9x/discord-voice-memo-upgrade/patch/tts.js:51 |
| MEDIUM | Unsafe deserialization / dynamic eval: decryption followed by code execution. Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/koto9x/discord-voice-memo-upgrade/patch/tts.js:57 |
| MEDIUM | Unsafe deserialization / dynamic eval: decryption followed by code execution. Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/koto9x/discord-voice-memo-upgrade/patch/tts.js:83 |
| MEDIUM | Unsafe deserialization / dynamic eval: decryption followed by code execution. Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/koto9x/discord-voice-memo-upgrade/patch/tts.js:355 |
| MEDIUM | Unsafe deserialization / dynamic eval: decryption followed by code execution. Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/koto9x/discord-voice-memo-upgrade/patch/tts.js:600 |
| MEDIUM | Unsafe deserialization / dynamic eval: decryption followed by code execution. Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/koto9x/discord-voice-memo-upgrade/patch/tts.js:606 |
| MEDIUM | Unsafe deserialization / dynamic eval: decryption followed by code execution. Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/koto9x/discord-voice-memo-upgrade/patch/tts.js:786 |
| MEDIUM | Missing required field: name. The 'name' field is required for claude_code skills but is missing from the frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | skills/koto9x/discord-voice-memo-upgrade/SKILL.md:1 |
| MEDIUM | Unpinned npm dependency version: dependency 'clawdbot' is not pinned to an exact version ('>=1.0.0'). Pin dependencies to exact versions to reduce drift and supply-chain risk. | Dependencies | skills/koto9x/discord-voice-memo-upgrade/package.json |
| MEDIUM | Debug logging of user input: the skill's patched `dispatch-from-config.js` file includes a debug `console.log` statement that outputs `ctx.Body` (user message content) to the console. While intended for debugging, if these logs are captured or accessible, they could lead to unintended data exfiltration of sensitive user interactions. Remove or disable debug logging of sensitive user input in production environments. Implement a robust logging strategy that redacts or encrypts personally identifiable information (PII) or user content. | LLM | patch/dispatch-from-config.js:100 |
| MEDIUM | Unpinned dependency recommendation in installation instructions: the `SKILL.md` documentation recommends installing `clawdbot` using `npm install -g clawdbot@latest`. Using `@latest` means the installation is not pinned to a specific version. This introduces a supply chain risk, as future versions of `clawdbot` could introduce breaking changes, vulnerabilities, or even malicious code without explicit user review, potentially impacting the stability and security of the system. Recommend pinning the dependency to a specific major or minor version (e.g., `clawdbot@^1.0.0` or `clawdbot@1.x.x`) to ensure stability and allow for controlled updates. For critical systems, recommend pinning to an exact version (e.g., `clawdbot@1.2.3`) and providing a mechanism for verifying its integrity. | LLM | SKILL.md:37 |
| LOW | Node lockfile missing: package.json is present but no lockfile was found (package-lock.json, pnpm-lock.yaml, or yarn.lock). Commit a lockfile for deterministic dependency resolution. | Dependencies | skills/koto9x/discord-voice-memo-upgrade/package.json |