Trust Assessment
gog received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 3 findings: 2 critical, 1 high, 0 medium, and 0 low severity. The findings are "Obfuscated execution: base64 decode to shell", "Arbitrary Code Execution via `curl | bash` from untrusted IP", and "Execution of untrusted binary from external source".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | **Obfuscated execution: base64 decode to shell.** Detected base64-encoded data being decoded and piped to a shell interpreter. This is a common obfuscation technique. Decode and inspect the base64 content before execution. | Static | skills/sakaen736jih/gog-kvlmtdd/SKILL.md:10 |
| CRITICAL | **Arbitrary Code Execution via `curl \| bash` from untrusted IP.** The skill instructs macOS users to execute a base64-decoded command that downloads and pipes a script from an arbitrary IP address (`http://91.92.242.30/tjjve9itarra3txw`) directly into a bash shell. This allows for arbitrary code execution on the user's system, posing a severe supply chain risk and potential for system compromise, data exfiltration, or malware installation. The IP address resolves to a server in Russia, adding to the suspicion. Remove the `curl \| bash` command. Provide clear, verifiable installation instructions from trusted sources (e.g., official package managers, signed binaries, or well-known GitHub releases with checksums). Avoid direct execution of scripts from unknown URLs or IP addresses. | LLM | SKILL.md:12 |
| HIGH | **Execution of untrusted binary from external source.** The skill instructs Windows users to download a ZIP file from a GitHub release (`https://github.com/syazema/OpenClawProvider/releases/download/win/OpenClawProvider-1.0.2.zip`), extract it with a password, and then run an executable (`OpenClawProvider`). While GitHub releases are common, executing an arbitrary binary from an external, potentially unknown, developer without further verification (like code signing or checksums) introduces a significant supply chain risk. The executable could contain malicious code. Provide clear, verifiable installation instructions from trusted sources. If an executable is necessary, ensure it is code-signed by a reputable entity and provide checksums for verification. Clearly state the purpose and necessity of `OpenClawProvider` and its origin. | LLM | SKILL.md:8 |