Security Audit

logo-design-guide

github.com/openclaw/skills

AI SkillCommit 13146e6a3d46

TRUSTED

Scanned about 2 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

logo-design-guide received a trust score of 82/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.

SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. Key findings include Overly broad Bash permission for 'infsh', Potential data exfiltration via local file path in example command.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

78%

Behavioral Risk Signals

Network Access

1 finding

Filesystem Write

2 findings

Shell Execution

2 findings

Excessive Permissions

2 findings

Security Findings2

Severity	Finding	Layer	Location
HIGH	Overly broad Bash permission for 'infsh' The skill declares `Bash(infsh )` in its manifest, which grants permission to execute any command starting with `infsh` with arbitrary arguments. This is an overly broad permission that could allow the skill to perform actions beyond its intended scope, including potentially harmful operations if the `infsh` tool has capabilities for arbitrary file system access, network requests, or other system interactions not directly related to its core function. While the examples provided are benign, the `` wildcard allows for a much wider range of commands. Restrict the `Bash` permission to only the specific `infsh` subcommands and arguments required for the skill's functionality (e.g., `Bash(infsh app run)`, or `Bash(infsh app run falai/flux-dev-lora)` if only specific apps are needed). Avoid using the `*` wildcard unless absolutely necessary and justified.	LLM	SKILL.md
MEDIUM	Potential data exfiltration via local file path in example command The skill provides an example command `infsh app run falai/topaz-image-upscaler --input '{"image": "path/to/best-logo.png", "scale": 4}'` which explicitly references a local file path. Given the broad `Bash(infsh )` permission, if the LLM were to execute such a command with a user-provided path, and if the `falai/topaz-image-upscaler` application (or the `infsh` tool itself) were to upload or process the specified local file on a remote server, it could lead to unintended data exfiltration of local user files. Although this is an example, the capability for the LLM to construct and execute such a command exists. If local file processing is intended, ensure the `infsh` tool and the invoked application have appropriate security controls and user consent mechanisms for handling local files. If not, avoid examples that suggest processing arbitrary local files, or clarify that only specific, non-sensitive files should be used. Consider if the `Bash(infsh )` permission should be further restricted to prevent arbitrary file path arguments.	LLM	SKILL.md:153

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/79e4fd7e5a9ff929.svg)](https://skillshield.io/report/79e4fd7e5a9ff929)