Trust Assessment
grounding-lite received a trust score of 82/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. The key findings are "Potential Command Injection via mcporter arguments" and "Unpinned Dependency in Skill Manifest".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Potential Command Injection via mcporter arguments.** The skill demonstrates passing user-controlled input directly as arguments to `mcporter` commands (e.g., `textQuery`, `location`, `origin`, `destination`). If the `mcporter` tool does not properly sanitize or escape these arguments before executing internal shell commands or child processes, a malicious user could inject arbitrary shell commands, leading to remote code execution. For example, a `textQuery` like `"pizza near Times Square NYC; rm -rf /"` could be executed if not properly handled. Implement robust input sanitization and escaping for all user-provided parameters before passing them to `mcporter` or any shell command. Ensure that `mcporter` itself uses safe argument passing mechanisms (e.g., `subprocess.run` with `shell=False` and arguments as a list in Python, or equivalent in Node.js) to prevent shell interpretation of arguments. | LLM | SKILL.md:29 |
| MEDIUM | **Unpinned Dependency in Skill Manifest.** The skill's manifest specifies `mcporter` as an npm package dependency without pinning it to a specific version. This means that any future version of `mcporter` could be installed, potentially introducing breaking changes, vulnerabilities, or even malicious code if the package maintainer's account is compromised or a malicious update is pushed. This creates a supply chain risk. Pin the `mcporter` dependency to a specific, known-good version (e.g., `mcporter@1.2.3`) in the skill's manifest to ensure deterministic builds and prevent unexpected or malicious updates. Regularly audit and update dependencies to newer, secure versions. | LLM | SKILL.md:1 |