Security Audit

kameleondb

github.com/openclaw/skills

AI SkillCommit 13146e6a3d46

TRUSTED

Scanned about 2 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

kameleondb received a trust score of 75/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.

SkillShield's automated analysis identified 3 findings: 0 critical, 1 high, 2 medium, and 0 low severity. Key findings include Unpinned Python Package Dependency, Unpinned Python Package Dependency (PostgreSQL extra), Potential SQL Injection via 'query run' command.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

71%

Behavioral Risk Signals

Shell Execution

1 finding

Dynamic Code

1 finding

Excessive Permissions

1 finding

Security Findings3

Severity	Finding	Layer	Location
HIGH	Potential SQL Injection via 'query run' command The skill provides a direct interface for executing arbitrary SQL queries via `kameleondb --json query run "SELECT ..."`. If an AI agent constructs the SQL query string from untrusted user input without proper sanitization or parameterization, it creates a severe SQL injection vulnerability. An attacker could manipulate the query to access, modify, or delete unauthorized data, or even execute arbitrary commands if the underlying database allows it. Instruct the agent to strictly sanitize or parameterize any user-provided input used in SQL queries. If possible, prefer using higher-level, parameterized data access methods provided by `kameleondb` (if available) instead of raw SQL for user-facing queries. Implement strict input validation and whitelisting for query components.	LLM	SKILL.md:100
MEDIUM	Unpinned Python Package Dependency The skill instructs to install the 'kameleondb' Python package without specifying a version. This can lead to supply chain risks, as a future malicious or incompatible version could be installed, potentially introducing vulnerabilities or breaking functionality. It also makes builds non-deterministic. Pin the dependency to a specific version, e.g., `pip install kameleondb==0.1.5` or `pip install 'kameleondb<0.2.0'` to ensure deterministic and secure installations.	LLM	SKILL.md:50
MEDIUM	Unpinned Python Package Dependency (PostgreSQL extra) The skill instructs to install the 'kameleondb[postgresql]' Python package without specifying a version. This can lead to supply chain risks, as a future malicious or incompatible version could be installed, potentially introducing vulnerabilities or breaking functionality. It also makes builds non-deterministic. Pin the dependency to a specific version, e.g., `pip install 'kameleondb[postgresql]==0.1.5'` or `pip install 'kameleondb[postgresql]<0.2.0'` to ensure deterministic and secure installations.	LLM	SKILL.md:56

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/51777ecdaae39cdc.svg)](https://skillshield.io/report/51777ecdaae39cdc)