Trust Assessment
memory-hygiene received a trust score of 49/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 4 findings: 0 critical, 3 high, 1 medium, and 0 low severity. Key findings include Sensitive path access: AI agent config, Direct shell command for file deletion (`rm -rf`), Direct shell command for gateway restart.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings4
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Sensitive path access: AI agent config Access to AI agent config path detected: '~/.clawdbot/'. This may indicate credential theft. Verify that access to this sensitive path is justified and declared. | Static | skills/dylanbaker24/memory-hygiene/SKILL.md:15 | |
| HIGH | Sensitive path access: AI agent config Access to AI agent config path detected: '~/.clawdbot/'. This may indicate credential theft. Verify that access to this sensitive path is justified and declared. | Static | skills/dylanbaker24/memory-hygiene/SKILL.md:67 | |
| HIGH | Direct shell command for file deletion (`rm -rf`) The skill explicitly instructs the agent to execute the `rm -rf ~/.clawdbot/memory/lancedb/` command. This is a highly destructive shell command that can lead to irreversible data loss. It indicates that the agent is expected to have direct shell access and the capability to execute arbitrary commands, which constitutes excessive permissions (SS-LLM-005). The skill further suggests automating this destructive command via a `cron` job, reinforcing the intent for the agent to perform such actions. Avoid instructing direct shell commands. Implement specific, sandboxed tools or APIs for memory management (e.g., a `memory_wipe` tool) that handle file deletion safely and with appropriate access controls. Require explicit user confirmation for destructive actions, especially when automating them. | LLM | SKILL.md:14 | |
| MEDIUM | Direct shell command for gateway restart The skill instructs the agent to execute the `clawdbot gateway restart` command. This is a direct shell command that allows the agent to control its own gateway process. While less destructive than `rm -rf`, it still implies the agent has direct shell access and the capability to execute arbitrary commands, which is an excessive permission (SS-LLM-005). Avoid instructing direct shell commands. Implement specific, sandboxed tools or APIs for gateway management (e.g., a `gateway_restart` tool) that handle process control safely and with appropriate access controls. | LLM | SKILL.md:16 |
Scan History
Embed Code
[](https://skillshield.io/report/cecc833c8113bf9b)
Powered by SkillShield