Security Audit

frontend-design-extractor

github.com/openclaw/skills

AI SkillCommit 13146e6a3d46

CAUTION

Scanned 3 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

frontend-design-extractor received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.

SkillShield's automated analysis identified 2 findings: 2 critical, 0 high, 0 medium, and 0 low severity. Key findings include Skill instructs execution of external shell script `scan_ui_sources.sh`, Skill instructs execution of external shell script `generate_output_skeleton.sh`.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 40/100, indicating areas for improvement.

Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

40%

Behavioral Risk Signals

Network Access

2 findings

Filesystem Write

2 findings

Shell Execution

2 findings

Dynamic Code

1 finding

Security Findings2

Severity	Finding	Layer	Location
CRITICAL	Skill instructs execution of external shell script `scan_ui_sources.sh` The skill explicitly instructs the LLM to execute the external shell script `scripts/scan_ui_sources.sh`. This script can take user-controlled arguments (`<repo_root>`, `[out_file]`, `[extra_glob ...]`), which introduces a command injection vulnerability if the arguments are not properly sanitized before being passed to the shell. Even without direct injection, executing external, unverified scripts poses a significant risk to the host environment by allowing arbitrary code execution. Avoid direct execution of external shell scripts. If file system scanning is required, implement it using secure, sandboxed language-native APIs within the LLM's execution environment, or provide a pre-vetted, sandboxed tool with strictly defined inputs and outputs. If external scripts are unavoidable, ensure they are thoroughly audited, run in a highly restricted environment, and all inputs are strictly validated and sanitized.	LLM	SKILL.md:20
CRITICAL	Skill instructs execution of external shell script `generate_output_skeleton.sh` The skill explicitly instructs the LLM to execute the external shell script `scripts/generate_output_skeleton.sh`. This script is used to create an output folder structure. Executing external, unverified scripts poses a significant risk to the host environment, as their actions are not controlled by the LLM's sandboxing mechanisms unless specifically configured, potentially leading to arbitrary file system modifications. Avoid direct execution of external shell scripts. If directory creation is required, implement it using secure, sandboxed language-native APIs within the LLM's execution environment. If external scripts are unavoidable, ensure they are thoroughly audited, run in a highly restricted environment, and all inputs are strictly validated and sanitized.	LLM	SKILL.md:24

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/e60028481b440c57.svg)](https://skillshield.io/report/e60028481b440c57)