Security Audit

expanso-pii-redact

github.com/openclaw/skills

AI SkillCommit 13146e6a3d46

TRUSTED

Scanned about 2 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

expanso-pii-redact received a trust score of 82/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.

SkillShield's automated analysis identified 3 findings: 0 critical, 0 high, 3 medium, and 0 low severity. Key findings include Missing required field: name, Unpinned dependency for expanso-edge, Deployment of remote, unverified pipeline.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

93%

Dependency Graph

100%

LLM Behavioral Safety

86%

Behavioral Risk Signals

Network Access

1 finding

Filesystem Write

1 finding

Shell Execution

1 finding

Security Findings3

Severity	Finding	Layer	Location
MEDIUM	Missing required field: name The 'name' field is required for claude_code skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter.	Static	skills/aronchick/expanso-pii-redact/SKILL.md:1
MEDIUM	Unpinned dependency for expanso-edge The skill instructs users to install `expanso-edge` using `clawhub install expanso-edge` without specifying a version. This means the skill will always use the latest version available at the time of installation, which could introduce breaking changes, vulnerabilities, or even malicious code if the `expanso-edge` package or `clawhub` repository is compromised. Pinning dependencies is crucial for reproducible builds and security. Pin the dependency to a specific version, e.g., `clawhub install expanso-edge@1.2.3`, or at least a major version, e.g., `clawhub install expanso-edge@1.x`.	LLM	SKILL.md:9
MEDIUM	Deployment of remote, unverified pipeline The skill instructs users to deploy a pipeline directly from a remote URL (`https://skills.expanso.io/pii-redact/pipeline-cli.yaml`). While `skills.expanso.io` appears to be a first-party domain, deploying code directly from a URL without local verification or content hashing introduces a supply chain risk. If the remote server or the specific pipeline file is compromised, malicious code could be deployed and executed on the user's system. Recommend deploying from a local, verified file or using content hashes/signatures to ensure the integrity of remote deployments. If deploying from a URL, ensure the source is highly trusted and consider implementing content verification mechanisms.	LLM	SKILL.md:21

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/c44d0fe42823bf0c.svg)](https://skillshield.io/report/c44d0fe42823bf0c)