Trust Assessment
migrate received a trust score of 72/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 0 critical, 1 high, 2 medium, and 0 low severity. Key findings include "Sensitive environment variable access: $HOME" and "Arbitrary File Placement via Untrusted Archive Import".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 12, 2026 (commit 5acc5677). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Arbitrary File Placement via Untrusted Archive Import.** The `import.sh` script is designed to restore a Clawdbot installation from an archive. It extracts the archive's contents into a temporary staging directory and then copies files from this staging area into the user's Clawdbot workspace (`$HOME/clawd`) and configuration directory (`$HOME/.clawdbot`). If a malicious or untrusted archive is provided as input, an attacker could craft it to place arbitrary files (e.g., malicious scripts, configuration files, or dotfiles like `.bashrc`) into these operational directories. This could lead to arbitrary code execution when the user interacts with the Clawdbot agent or their shell, or compromise the agent's behavior and data integrity. Recommendation: implement robust validation for imported archives. While path traversal outside the target directories is mitigated by the staging area, malicious files placed within the intended workspace or config directories still pose a significant risk. Users should be explicitly warned about the dangers of importing archives from untrusted sources. For critical migrations, consider adding a checksum verification mechanism if the archive is expected to be from a known source, or implement stricter content validation if feasible (e.g., by inspecting file types or contents before copying). | LLM | scripts/import.sh:70 |
| MEDIUM | **Sensitive environment variable access: $HOME.** Access to sensitive environment variable `$HOME` detected in shell context. Verify this environment variable access is necessary and the value is not exfiltrated. | Static | skills/mrgoodb/migrate/scripts/export.sh:14 |
| MEDIUM | **Sensitive environment variable access: $HOME.** Access to sensitive environment variable `$HOME` detected in shell context. Verify this environment variable access is necessary and the value is not exfiltrated. | Static | skills/mrgoodb/migrate/scripts/import.sh:15 |