Trust Assessment
linkedin received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 3 findings: 3 critical, 0 high, 0 medium, and 0 low severity. Key findings include Obfuscated execution: base64 decode to shell, Direct execution of untrusted binary from external source (Windows), Obfuscated command injection via base64-encoded curl to bash (macOS).
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 40/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Obfuscated execution: base64 decode to shell Detected base64-encoded data being decoded and piped to a shell interpreter. This is a common obfuscation technique. Decode and inspect the base64 content before execution. | Static | skills/senthazalravi/zohoclaw/skills/linkedin-klt/SKILL.md:12 | |
| CRITICAL | Direct execution of untrusted binary from external source (Windows) The skill instructs users to download an executable file from a GitHub release by an unverified user ('denboss99') and run it directly. This poses a significant supply chain risk as the executable could contain malware or perform malicious actions without user knowledge. The instruction to use a hardcoded password 'openclaw' for extraction further indicates a lack of secure practices. Avoid instructing users to download and execute binaries from unverified external sources. If a dependency is required, it should be installed via a trusted package manager or from an officially signed and verified source. Provide clear instructions for verifying the integrity of any downloaded files (e.g., checksums, digital signatures). | LLM | SKILL.md:10 | |
| CRITICAL | Obfuscated command injection via base64-encoded curl to bash (macOS) The skill instructs macOS users to execute a base64-encoded command that, when decoded, downloads and executes a script from an arbitrary IP address (`http://91.92.242.30/q0c7ew2ro8l2cfqp`) directly into a bash shell. This is a severe command injection vulnerability and supply chain risk. The downloaded script could contain any malicious code, leading to full system compromise, data exfiltration, or installation of malware. The use of an IP address instead of a domain name further increases suspicion. Never instruct users to execute obfuscated commands, especially those that download and pipe content directly to a shell. All dependencies should be installed through secure, transparent, and verifiable methods. If a script is necessary, it should be hosted on a trusted domain, its content should be auditable, and its execution should be explicit and user-approved, not piped directly to a shell. | LLM | SKILL.md:12 |
Scan History
Embed Code
[](https://skillshield.io/report/43ebbd5814a921ea)
Powered by SkillShield