Security Audit

dropbox-integration

github.com/openclaw/skills

AI SkillCommit 13146e6a3d46

TRUSTED

Scanned about 1 month ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

dropbox-integration received a trust score of 82/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.

SkillShield's automated analysis identified 4 findings: 0 critical, 0 high, 2 medium, and 2 low severity. Key findings include Unpinned npm dependency version, Node lockfile missing, Arbitrary Local File Write via download.js.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

91%

LLM Behavioral Safety

91%

Behavioral Risk Signals

Filesystem Write

2 findings

Shell Execution

1 finding

Excessive Permissions

1 finding

Security Findings4

Severity	Finding	Layer	Location
MEDIUM	Unpinned npm dependency version Dependency 'dropbox' is not pinned to an exact version ('^10.34.0'). Pin dependencies to exact versions to reduce drift and supply-chain risk.	Dependencies	skills/tirandagan/dropbox-integration/package.json
MEDIUM	Arbitrary Local File Write via download.js The `download.js` script allows writing downloaded Dropbox files to an arbitrary local path specified by the user via command-line arguments. An attacker or a manipulated LLM could specify a sensitive system path (e.g., `/etc/passwd`, `/usr/local/bin/malicious_script.sh`) to overwrite critical files, introduce malicious executables, or cause a denial of service. While the skill is designed for read-only access to Dropbox, it grants broad write permissions to the local filesystem. Restrict the `localPath` argument to a designated, sandboxed download directory (e.g., `./downloads/`) or require explicit user confirmation for writes outside of a safe directory. Implement path sanitization to prevent directory traversal attacks (e.g., `../../`).	LLM	download.js:34
LOW	Node lockfile missing package.json is present but no lockfile was found (package-lock.json, pnpm-lock.yaml, or yarn.lock). Commit a lockfile for deterministic dependency resolution.	Dependencies	skills/tirandagan/dropbox-integration/package.json
LOW	Unpinned Dependency in package.json The `dropbox` dependency is specified with a caret (`^`) version range (`^10.34.0`). This allows automatic updates to minor and patch versions, which could potentially introduce breaking changes, vulnerabilities, or malicious code if a compromised version is published. While common, for security-sensitive components, exact pinning is often preferred. Consider pinning the `dropbox` dependency to an exact version (e.g., `"dropbox": "10.34.0"`) to ensure deterministic builds and prevent unexpected changes from upstream updates. Regularly review and manually update dependencies after verifying their integrity.	LLM	package.json:20

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/701d34a4d42ad3c2.svg)](https://skillshield.io/report/701d34a4d42ad3c2)