Trust Assessment
erp-data-extractor received a trust score of 58/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings (1 critical, 1 high, 1 medium, 0 low): a SQL injection vulnerability in `generate_sql_query` (critical), an arbitrary file write in the export functions (high), and a missing required `name` field in the SKILL.md frontmatter (medium).
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 12, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | SQL injection vulnerability in `generate_sql_query`. The `generate_sql_query` method constructs SQL queries by directly embedding values from `source.filters` into the query string without sanitization or parameterization. If `source.filters` can be influenced by untrusted input, an attacker could inject SQL, leading to unauthorized data access, modification or deletion, or even remote code execution depending on the database configuration. This is a direct data exfiltration risk. Use parameterized queries or prepared statements instead of string concatenation. If the skill only generates the query string, it should emit a query with placeholders and delegate safe execution to the caller. Do not embed user-controlled values directly into SQL strings. | LLM | SKILL.md:299 |
| HIGH | Arbitrary file write vulnerability in export functions. The `export_to_excel` and `export_to_json` methods write data to an arbitrary `output_path` supplied as an argument. If an attacker can control this path, they could write to sensitive file system locations, overwriting critical files (denial of service) or placing data in publicly accessible directories for exfiltration. This grants the skill excessive write permissions. Implement strict path validation so that `output_path` resolves inside an allowed, sandboxed directory. Disallow absolute paths and paths containing `..`. Consider using a temporary file system or a dedicated output directory for exports. | LLM | SKILL.md:250 |
| MEDIUM | Missing required field: name. The `name` field is required for claude_code skills but is missing from the frontmatter. Add a `name` field to the SKILL.md frontmatter. | Static | skills/datadrivenconstruction/erp-data-extractor/SKILL.md:1 |
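The two LLM-layer findings above (the unparameterized query builder and the unconstrained `output_path`) map onto the same two remediations the report recommends. The following is an added example written for this page, not code from the erp-data-extractor skill; it assumes the skill is Python and invents the function signatures (`generate_sql_query(table, filters, allowed_columns)`, `resolve_output_path(output_path, export_dir)`) and the sample table purely for illustration. It shows the injection landing against a string-concatenated query, the same filter neutralized when values travel as bound parameters, and a path check that holds up even when a `..` filter alone would not.

```python
import re
import sqlite3
from pathlib import Path

# Simple SQL identifier: letters, digits, underscore, not starting with a digit.
_IDENT_RE = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*$")


def generate_sql_query_unsafe(table, filters):
    """The pattern the CRITICAL finding describes (constructed illustration, not the
    skill's code): filter values are interpolated straight into the SQL text."""
    where = " AND ".join(f"{col} = '{val}'" for col, val in filters.items())
    return f"SELECT * FROM {table} WHERE {where}"


def generate_sql_query(table, filters, allowed_columns):
    """Hardened version (assumed signature). Identifiers come from an allow-list,
    values are replaced by '?' placeholders and returned separately, so the caller
    binds them and the database never parses attacker-controlled text as SQL."""
    if not _IDENT_RE.match(table):
        raise ValueError(f"invalid table name: {table!r}")
    clauses, params = [], []
    for col, val in filters.items():
        if col not in allowed_columns or not _IDENT_RE.match(col):
            raise ValueError(f"column not allowed: {col!r}")
        clauses.append(f"{col} = ?")
        params.append(val)
    sql = f"SELECT * FROM {table}"
    if clauses:
        sql += " WHERE " + " AND ".join(clauses)
    return sql, params


def resolve_output_path(output_path, export_dir):
    """Confine an export target to export_dir (assumed helper). Rejects absolute
    paths and '..' segments up front, then resolves symlinks and re-checks
    containment, because a '..' filter alone does not stop a symlink inside
    export_dir that points outside it."""
    base = Path(export_dir).resolve()
    requested = Path(output_path)
    if requested.is_absolute() or ".." in requested.parts:
        raise ValueError(f"rejected output path: {output_path!r}")
    target = (base / requested).resolve()
    if target != base and base not in target.parents:
        raise ValueError(f"output path escapes export directory: {output_path!r}")
    return target


def demo():
    """Run the hostile filter through both builders against an in-memory SQLite
    table with constructed rows; returns (rows leaked unsafely, rows returned safely)."""
    con = sqlite3.connect(":memory:")
    con.executescript(
        """
        CREATE TABLE invoices(id INTEGER, vendor TEXT, amount REAL);
        INSERT INTO invoices VALUES (1, 'acme', 100.0), (2, 'globex', 250.0);
        """
    )
    # Constructed hostile filter: a tautology smuggled in through the value.
    hostile = {"vendor": "x' OR '1'='1"}
    unsafe_rows = con.execute(generate_sql_query_unsafe("invoices", hostile)).fetchall()
    sql, params = generate_sql_query("invoices", hostile, allowed_columns={"vendor", "amount"})
    safe_rows = con.execute(sql, params).fetchall()
    return len(unsafe_rows), len(safe_rows)


if __name__ == "__main__":
    print(demo())  # (2, 0): every row leaks through the unsafe query, none through the bound one
    print(resolve_output_path("reports/q1.json", "/tmp/exports"))
```

The caller executes the hardened builder's output as `con.execute(sql, params)`; the tautology then arrives as a literal vendor name and matches nothing. For the export functions, the caller passes the result of `resolve_output_path` to the writer instead of the raw `output_path`, and keeps `export_dir` on a dedicated or temporary filesystem so that even a bug in the check cannot reach system files.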
[Full SkillShield report](https://skillshield.io/report/10179b5db6b9044e)