Security Audit

mcd-cn

github.com/openclaw/skills

AI SkillCommit 13146e6a3d46

TRUSTED

Scanned 2 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

mcd-cn received a trust score of 79/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.

SkillShield's automated analysis identified 2 findings: 0 critical, 2 high, 0 medium, and 0 low severity. Key findings include Reliance on Third-Party Homebrew Tap for Binary Installation, Potential Command Injection via CLI Arguments.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

70%

Behavioral Risk Signals

Shell Execution

2 findings

Dynamic Code

1 finding

Security Findings2

Severity	Finding	Layer	Location
HIGH	Reliance on Third-Party Homebrew Tap for Binary Installation The skill relies on a specific Homebrew tap (`ryanchen01/tap/mcd-cn`) to install the `mcd-cn` binary. While Homebrew is a trusted package manager, relying on a personal or less-vetted third-party tap introduces a supply chain risk. If the `ryanchen01/tap` repository or the `mcd-cn` formula within it were compromised, malicious code could be installed on the host system when the skill is set up, leading to potential remote code execution or data exfiltration. Thoroughly vet the source and maintainer of the `ryanchen01/tap` repository. Consider implementing integrity checks (e.g., checksum verification) for the installed binary if possible, or explore alternative installation methods from more officially sanctioned or widely vetted sources. If the skill is critical, consider mirroring the formula or building from source with audited code.	LLM	SKILL.md:12
HIGH	Potential Command Injection via CLI Arguments The skill is designed to execute the `mcd-cn` command-line tool with various arguments, as shown in the 'Common commands' section (e.g., `--specifiedDate 2025-12-09`). If user-provided input is directly or insufficiently sanitized before being passed as arguments to the `mcd-cn` binary, it could lead to command injection. An attacker could craft malicious input (e.g., `2025-12-09; rm -rf /`) to execute arbitrary commands on the host system. Ensure that all user-provided input intended for command-line arguments is strictly validated and sanitized. Implement robust argument parsing, whitelisting of allowed values, or proper shell escaping mechanisms to prevent malicious input from being interpreted as executable commands. The AI agent responsible for invoking this skill must implement these safeguards.	LLM	SKILL.md:23

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/b8dbbf55e1106a59.svg)](https://skillshield.io/report/b8dbbf55e1106a59)