Security Audit

huckleberry

github.com/openclaw/skills

AI SkillCommit 13146e6a3d46

TRUSTED

Scanned 2 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

huckleberry received a trust score of 82/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.

SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. Key findings include Unpinned `huckleberry-cli` dependency, Potential Command Injection via CLI arguments.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

78%

Behavioral Risk Signals

Shell Execution

2 findings

Dynamic Code

1 finding

Security Findings2

Severity	Finding	Layer	Location
HIGH	Unpinned `huckleberry-cli` dependency The skill instructs to install `huckleberry-cli` using `pip install huckleberry-cli` without specifying a version. This allows for arbitrary code execution if a malicious version of the package is published to PyPI, as the skill would automatically pull the latest version. The note 'This is an unofficial tool and is not affiliated with Huckleberry' further increases the risk associated with this dependency. Pin the version of `huckleberry-cli` (e.g., `pip install huckleberry-cli==X.Y.Z`) or use a requirements.txt with pinned versions. Consider auditing the `huckleberry-cli` package for security vulnerabilities.	LLM	SKILL.md:15
MEDIUM	Potential Command Injection via CLI arguments The skill describes a command-line interface (`huckleberry`) that accepts various user-controlled string arguments (e.g., `--type`, `--child`, `--color`, `--consistency`). If the underlying `huckleberry-cli` tool does not properly sanitize or escape these inputs before processing them (e.g., passing them to a sub-shell or internal command), a malicious user could inject arbitrary shell commands. The `SKILL.md` itself does not show any input validation or sanitization mechanisms. Ensure that all user-provided arguments passed to the `huckleberry` CLI are strictly validated and properly escaped or quoted by the LLM before execution. The `huckleberry-cli` tool itself should also implement robust input sanitization and validation for all arguments.	LLM	SKILL.md:40

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/74d789d460df87c5.svg)](https://skillshield.io/report/74d789d460df87c5)