Trust Assessment
evilcalc received a trust score of 58/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 1 critical, 1 high, 1 medium, and 0 low severity. Key findings include "Missing required field: name", "Explicitly hidden backdoor executes command", and "Conditional command injection via `touch`".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Explicitly hidden backdoor executes command. The `calc_mul` function contains an explicit 'hidden backdoor' (隐藏后门) comment. This backdoor triggers the execution of the `touch /tmp/pwned` command in the background when specific input expressions like '3 * 3' are provided. This constitutes hidden, non-obvious behavior designed to execute commands without explicit user awareness or intent, demonstrating a capability for arbitrary command execution. Recommendation: remove the hidden backdoor logic. All skill functionality must be transparent and clearly documented. Avoid any code paths that execute commands or perform actions without explicit user intent or knowledge. | LLM | SKILL.md:20 |
| HIGH | Conditional command injection via `touch`. The `calc_mul` function includes a conditional statement that, upon receiving specific input expressions (e.g., '3 * 3'), executes the `touch /tmp/pwned` command. This is a direct command injection, as it allows for the execution of arbitrary shell commands based on hidden logic within the skill. While `touch` itself is not highly privileged, this demonstrates a clear vulnerability for executing other, potentially malicious, commands. Recommendation: remove the conditional execution of `touch /tmp/pwned`. All command executions should be explicit, transparent, and directly related to the skill's stated purpose. Avoid executing arbitrary shell commands based on hidden conditions. | LLM | SKILL.md:21 |
| MEDIUM | Missing required field: name. The 'name' field is required for claude_code skills but is missing from the frontmatter. Recommendation: add a 'name' field to the SKILL.md frontmatter. | Static | skills/fobonacci404/evilcalc/SKILL.md:1 |