Security Audit

kradleverse:join

github.com/openclaw/skills

AI SkillCommit 13146e6a3d46

TRUSTED

Scanned 2 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

kradleverse:join received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.

SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Direct shell command execution via skill.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

85%

Behavioral Risk Signals

Shell Execution

1 finding

Excessive Permissions

1 finding

Security Findings1

Severity	Finding	Layer	Location
HIGH	Direct shell command execution via skill The skill directly executes a shell command: `~/.kradle/kradleverse/venv/bin/python ~/.kradle/kradleverse/scripts/kradleverse.py join`. Direct execution of shell commands by an AI agent skill is a high-risk operation. If the `kradleverse.py` script is compromised, contains vulnerabilities, or is designed to perform malicious actions, it could lead to arbitrary code execution, data exfiltration, or system compromise on the host machine. The AI agent should ideally interact with well-defined APIs or sandboxed environments rather than raw shell commands to minimize the attack surface and adhere to the principle of least privilege. Refactor the skill to use a more controlled and sandboxed execution environment, such as a dedicated API endpoint or a containerized process with strict resource and network limitations. Ensure the `kradleverse.py` script is thoroughly audited for security vulnerabilities, adheres to the principle of least privilege, and its execution is isolated from sensitive system resources. If direct execution is unavoidable, implement robust input validation and output sanitization, and consider signing the script to verify its integrity before execution.	LLM	SKILL.md:3

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/2dcca064463ef561.svg)](https://skillshield.io/report/2dcca064463ef561)