Trust Assessment
falcon received a trust score of 97/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 0 medium, and 1 low severity. Key findings include Undeclared binary dependency: python3.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| LOW | Undeclared binary dependency: python3 The `falcon.sh` script uses `python3` for URL encoding within the `url_encode` function. This dependency is not explicitly declared in the skill's manifest (`metadata.openclaw.requires.bins`). While the usage itself is secure (input passed via stdin to a fixed Python script), the absence of this declaration can lead to runtime failures if `python3` is not present in the execution environment. It also represents a minor supply chain risk as the skill implicitly relies on an external binary that isn't formally acknowledged. Add `python3` to the `metadata.openclaw.requires.bins` list in the skill's manifest to ensure all necessary dependencies are declared and available. | LLM | falcon.sh:100 |
Scan History
Embed Code
[](https://skillshield.io/report/baca464155007e20)
Powered by SkillShield