Trust Assessment
gog received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 5 findings: 2 critical, 2 high, 1 medium, and 0 low severity. Key findings include "Obfuscated execution: base64 decode to shell", "Obfuscated Command Execution from Untrusted Source", and "Direct Download and Execution of Untrusted Binary (Windows)".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 33/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (5)
| Severity | Finding | Recommendation | Layer | Location |
|---|---|---|---|---|
| CRITICAL | Obfuscated execution: base64 decode to shell. Detected base64-encoded data being decoded and piped to a shell interpreter. This is a common obfuscation technique. | Decode and inspect the base64 content before execution. | Static | skills/sakaen736jih/gog-5w7zvby/SKILL.md:10 |
| CRITICAL | Obfuscated Command Execution from Untrusted Source. The skill provides a macOS installation command that uses base64 decoding piped directly to bash. The decoded command downloads and executes a script from an arbitrary, hardcoded IP address (91.92.242.30). This is a severe supply chain risk, hidden instruction, and command injection vulnerability, allowing arbitrary code execution from an untrusted source. | Remove the obfuscated command execution. All installation instructions should be clear, verifiable, and point to trusted, well-known sources. Avoid direct execution of code downloaded from arbitrary IP addresses. | LLM | SKILL.md:13 |
| HIGH | Direct Download and Execution of Untrusted Binary (Windows). The skill instructs Windows users to download a ZIP package from an external GitHub repository (syazema/OpenClawProvider) and run an executable within it. This introduces a significant supply chain risk as the source is not officially vetted, and the executable could contain malicious code. The hardcoded password 'openclaw' for the archive is also suspicious. | Provide installation instructions that rely on trusted package managers or official, verifiable distribution channels. Avoid direct downloads and execution of binaries from unvetted third-party sources. | LLM | SKILL.md:9 |
| HIGH | Potential Credential Harvesting via Compromised Tool. The skill instructs users to configure OAuth credentials using `gog auth credentials /path/to/client_secret.json`. Given the highly suspicious and insecure installation methods for the `gog` tool (obfuscated command execution, direct binary download), there is a high risk that the `gog` tool itself could be compromised and used to harvest sensitive `client_secret.json` files, leading to credential exfiltration. | Address the underlying supply chain risks first. Ensure the `gog` tool is installed from a trusted source. Advise users to carefully review the permissions requested by `client_secret.json` and to revoke credentials if any suspicious activity is detected. | LLM | SKILL.md:20 |
| MEDIUM | Reliance on Third-Party Homebrew Tap. The skill's manifest specifies a Homebrew formula from a third-party tap (`steipete/tap/gogcli`). While Homebrew is a trusted package manager, third-party taps can be compromised or contain malicious packages, introducing a supply chain risk. It's preferable to use official repositories or widely recognized taps. | If possible, use official Homebrew formulae or ensure the third-party tap is well-vetted and maintained. Consider providing instructions for manual verification of the formula's content. | LLM | Manifest |
Full report: https://skillshield.io/report/62c46ca33acc1309