Security Audit

linkdapi

github.com/openclaw/skills

AI SkillCommit 13146e6a3d46

CAUTION

Scanned about 2 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

linkdapi received a trust score of 73/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.

SkillShield's automated analysis identified 2 findings: 0 critical, 2 high, 0 medium, and 0 low severity. Key findings include Agent instructed to execute arbitrary shell commands and Python scripts, Unpinned Python dependency `linkdapi`.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

70%

Behavioral Risk Signals

Network Access

1 finding

Shell Execution

2 findings

Dynamic Code

1 finding

Security Findings2

Severity	Finding	Layer	Location
HIGH	Agent instructed to execute arbitrary shell commands and Python scripts The skill instructs the agent to create and execute temporary Python scripts using `cat` and `uv run`. This pattern, while common for agents, introduces a high risk of command injection if the agent does not properly sanitize user-provided input before incorporating it into the generated Python script or the shell commands. An attacker could craft input that, when inserted into the script or command arguments, executes arbitrary code on the host system. Agents must rigorously sanitize all user-provided input before incorporating it into generated scripts or shell commands. Consider using safer alternatives to direct shell execution for script generation and execution, or ensure a strict allowlist for script content.	LLM	SKILL.md:110
HIGH	Unpinned Python dependency `linkdapi` The skill's Python script examples specify `dependencies = ["linkdapi"]` without a version constraint. This means that `uv` will always fetch the latest available version of the `linkdapi` package. If a malicious actor were to compromise the `linkdapi` package on PyPI and publish a backdoored version, any agent using this skill would automatically download and execute the compromised code, leading to a supply chain attack. Pin dependencies to a specific, known-good version (e.g., `"linkdapi==1.2.3"`) or at least a major/minor version range (e.g., `"linkdapi~=1.2"`). Regularly review and update pinned versions.	LLM	SKILL.md:25

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/3bf7e25f7b1d293b.svg)](https://skillshield.io/report/3bf7e25f7b1d293b)