Trust Assessment
efnet-social received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 1 critical, 1 high, 1 medium, and 0 low severity. Key findings include Repository URL Mismatch, Potential Command Injection via External Tool Calls, Storage of Sensitive Credentials.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 48/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | **Repository URL Mismatch.** The skill's manifest (SKILL.md frontmatter) lists 'https://github.com/clawdbot/efnet-social' as its homepage, while the 'skill.json' file specifies 'https://gitlab.com/funkpower/clawdbot-irc-skill' as its repository. This discrepancy creates a significant supply chain risk, as it is unclear which source is authoritative or whether one is a malicious fork or typosquat. Users cannot reliably verify the origin of the skill's code. Ensure that all repository and homepage URLs across the skill's manifest and supporting files are consistent and point to the single, authoritative source code repository. If the skill has moved, update all references accordingly. | LLM | SKILL.md:2 |
| HIGH | **Potential Command Injection via External Tool Calls.** The skill describes using external system tools such as 'irssi' and 'tmux' and provides commands that take user-controlled input (e.g., channel names, messages). If these inputs are passed directly to shell commands that invoke 'irssi' or 'tmux' without proper sanitization, it could lead to command injection: an attacker could craft malicious input to execute arbitrary commands on the host system. Implement robust input sanitization and validation for all user-controlled arguments passed to external system commands. Prefer direct API calls or libraries over shell execution where possible. If shell execution is necessary, use parameterized commands or carefully escape all user input to prevent injection. | LLM | SKILL.md:62 |
| MEDIUM | **Storage of Sensitive Credentials.** The skill stores NickServ registration credentials (likely including passwords) in '~/.config/efnet-social/credentials.json'. Although stored locally, an untrusted skill could read and exfiltrate these credentials if it contains malicious code or a vulnerability, exposing the user's IRC identity to compromise. Avoid storing sensitive credentials in plain text files. If storage is necessary, use secure credential management systems (e.g., OS-level keyrings, encrypted vaults) or prompt the user for credentials at runtime. Ensure the file permissions for 'credentials.json' are highly restrictive (e.g., readable only by the owner). | LLM | SKILL.md:174 |