Trust Assessment
exec-display received a trust score of 72/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 0 critical, 1 high, 2 medium, and 0 low severity. Key findings include "Sensitive environment variable access: $HOME" and "Agent instructed to execute arbitrary shell commands".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Agent instructed to execute arbitrary shell commands. The skill explicitly instructs the AI agent to execute shell commands using the pattern `python3 {baseDir}/scripts/cmd_display.py <level> "<command>" "<purpose>" "$(<command>)"`. The `$(<command>)` syntax means the shell command provided as `<command>` is executed by the agent's underlying shell environment, and its output is then passed as an argument to `cmd_display.py`. If the `<command>` string is derived from untrusted user input, it can lead to arbitrary command injection, allowing an attacker to execute malicious commands on the host system. While the skill aims to categorize and provide visibility for these commands, it does not sanitize the command string itself before execution by the agent's shell. Implement robust input sanitization and validation for any part of the `<command>` string that originates from untrusted sources. For critical operations, consider using a sandboxed environment or requiring explicit user confirmation for commands derived from untrusted input. The skill's `HIGH/CRITICAL` classification for manual execution is a good step, but the underlying execution mechanism remains vulnerable if not properly secured at the agent level. | LLM | SKILL.md:36 |
| MEDIUM | Sensitive environment variable access: $HOME. Access to sensitive environment variable '$HOME' detected in shell context. Verify this environment variable access is necessary and the value is not exfiltrated. | Static | skills/globalcaos/exec-display/scripts/patch-openclaw.sh:8 |
| MEDIUM | Sensitive environment variable access: $HOME. Access to sensitive environment variable '$HOME' detected in shell context. Verify this environment variable access is necessary and the value is not exfiltrated. | Static | skills/globalcaos/exec-display/scripts/unpatch-openclaw.sh:7 |