Trust Assessment
fabric-api received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding (0 critical, 1 high, 0 medium, 0 low): Potential for Command Injection via Unsanitized User Input in `curl` JSON Payloads.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 12, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Potential for Command Injection via Unsanitized User Input in `curl` JSON Payloads | LLM | SKILL.md:79 |

The skill's documentation provides `curl` command templates whose JSON payloads (fields such as `name`, `text`, `url`, `parentId`) are meant to be filled in with user-provided data by the AI agent. If the agent inserts that data by string concatenation without JSON escaping, characters such as double quotes, backslashes and newlines produce malformed JSON, which the API will either reject or misinterpret. The quoted heredoc in the template (`curl --data-binary @- <<'JSON' ... JSON`) stops the shell from expanding variables and command substitutions inside the payload, but it does not protect against a line of user data that is exactly the delimiter `JSON`: that line closes the heredoc early, and every line after it is handed to the shell as a command, so sufficiently malformed generation can end in arbitrary command execution.

Escape all user-provided strings (double quotes, backslashes, control characters) before inserting them into the payload. The agent should build the JSON with a serialization library or function rather than by string concatenation; a compact serializer also emits the payload as a single line, so no line can collide with the heredoc delimiter. User data placed in URL paths must be percent-encoded.
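The two halves of the finding side by side, as an added example that is not code from the fabric-api skill or from SkillShield: the naive template fill that the documentation invites, a small model of how bash reads the `<<'JSON'` heredoc (so the delimiter collision can be shown without running a shell), and the hardened construction with `json.dumps` and percent-encoded path segments, handing the payload to curl over stdin with no shell in the loop. The endpoint `https://api.example.invalid`, the field set, `HEREDOC_DELIM` and both sets of sample values are assumptions made for the example.

```python
import json
import subprocess
from urllib.parse import quote

HEREDOC_DELIM = "JSON"
BASE_URL = "https://api.example.invalid"  # hypothetical endpoint, not the skill's

# Constructed sample input: ordinary user data with JSON-significant characters.
SAMPLE_FIELDS = {
    "name": 'Q4 "draft" notes',       # embedded double quotes
    "text": "line one\\nline two",     # a literal backslash followed by n
    "parentId": "abc/123",             # a slash that must not add a path segment
}

# Constructed hostile input: a line equal to the heredoc delimiter closes the
# quoted heredoc early, so the lines after it reach the shell as commands.
HOSTILE_FIELDS = {
    "name": "x",
    "text": 'y"}\nJSON\nid > /tmp/pwned\n',
    "parentId": "abc",
}


def naive_heredoc_script(fields):
    """The pattern the finding describes: user data concatenated into the
    documented curl template. Nothing is escaped."""
    return (
        f"curl -sS {BASE_URL}/items -H 'Content-Type: application/json' "
        f"--data-binary @- <<'{HEREDOC_DELIM}'\n"
        '{"name": "%s", "text": "%s", "parentId": "%s"}\n'
        f"{HEREDOC_DELIM}\n"
    ) % (fields["name"], fields["text"], fields["parentId"])


def _split_heredoc(script, delim=HEREDOC_DELIM):
    """Model how bash reads the script: the heredoc body is every line after
    the <<'DELIM' line up to the first line that is exactly DELIM; whatever
    follows that line is parsed as further commands."""
    lines = script.split("\n")
    start = next(i for i, l in enumerate(lines) if l.endswith(f"<<'{delim}'")) + 1
    rest = lines[start:]
    end = rest.index(delim)
    body = "\n".join(rest[:end])
    commands = [l for l in rest[end + 1:] if l.strip()]
    return body, commands


def is_valid_json(text):
    try:
        json.loads(text)
        return True
    except ValueError:
        return False


def safe_for_heredoc(value, delim=HEREDOC_DELIM):
    """Check to apply if the heredoc template must be kept: no line of the
    value may equal the delimiter."""
    return all(line != delim for line in value.split("\n"))


def build_payload(fields):
    """Hardened construction: json.dumps escapes quotes, backslashes and
    newlines, so the API receives exactly the user's strings and the output
    is a single line that can never match the heredoc delimiter."""
    return json.dumps({k: fields[k] for k in ("name", "text", "parentId")},
                      ensure_ascii=False).encode("utf-8")


def decode_payload(payload):
    return json.loads(payload.decode("utf-8"))


def build_curl_argv(base_url, path_segments):
    """argv for curl with no shell in the loop; the payload goes to stdin.
    Each path segment is percent-encoded with safe='' so a '/' in user data
    cannot introduce an extra path component."""
    url = base_url.rstrip("/") + "/" + "/".join(quote(s, safe="") for s in path_segments)
    return ["curl", "-sS", url, "-H", "Content-Type: application/json",
            "--data-binary", "@-"]


def send(fields, path_segments):
    """Invoke curl directly (no shell, no heredoc). Not exercised offline."""
    return subprocess.run(build_curl_argv(BASE_URL, path_segments),
                          input=build_payload(fields), capture_output=True)


if __name__ == "__main__":
    body, cmds = _split_heredoc(naive_heredoc_script(HOSTILE_FIELDS))
    print("naive heredoc body:", body)
    print("commands the shell would run next:", cmds)
    print("hardened payload:", build_payload(HOSTILE_FIELDS).decode())
    print("hardened argv:", build_curl_argv(BASE_URL, ["items", SAMPLE_FIELDS["parentId"]]))
```

With the hostile value the naive script's heredoc body is `{"name": "x", "text": "y"}`, which is valid JSON, and `id > /tmp/pwned` is the next line the shell reads as a command; nothing about the payload looks broken from the API's side. With the ordinary sample the embedded quotes simply yield unparsable JSON. The hardened path produces one line per payload regardless of input, round-trips every field unchanged, and turns `abc/123` into `abc%2F123` in the URL.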
Full report: https://skillshield.io/report/03c480c7a19b900e