Trust Assessment
mission-control received a trust score of 27/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 6 findings: 1 critical, 2 high, 3 medium, and 0 low severity. Key findings include Persistence / self-modification instructions, Persistence mechanism: systemd service, Unpinned Git Repository Clone.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 64/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings6
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Persistence / self-modification instructions systemd service persistence Remove any persistence mechanisms. Skills should not modify system startup configurations, crontabs, LaunchAgents, systemd services, or shell profiles. | Manifest | skills/jzineldin/openclaw-mission-control/SKILL.md:27 | |
| HIGH | Persistence mechanism: systemd service Detected systemd service pattern. Persistence mechanisms allow malware to survive system restarts. Review this persistence pattern. Skills should not modify system startup configuration. | Static | skills/jzineldin/openclaw-mission-control/SKILL.md:27 | |
| HIGH | Installation of Systemd Service with Sudo The installation instructions involve copying a service file (`mission-control.service`) to `/etc/systemd/system/` using `sudo` and then enabling it with `sudo systemctl enable --now`. This grants the skill the ability to run as a systemd service, potentially with elevated privileges (depending on the service file's configuration, which is not provided). A malicious or misconfigured service file could lead to persistent execution of arbitrary code with root privileges, compromising the host system. Thoroughly review the `mission-control.service` file to ensure it adheres to the principle of least privilege (e.g., running as a non-root user, minimal capabilities). Provide clear warnings about the implications of running services with `sudo`. Consider alternative, less privileged deployment methods if possible. | LLM | SKILL.md:20 | |
| MEDIUM | Unpinned Git Repository Clone The installation instructions clone a Git repository without specifying a particular commit hash or tag. This means future installations could pull different code, potentially introducing vulnerabilities or malicious changes if the upstream repository is compromised or altered. Pin the `git clone` operation to a specific commit hash or tag (e.g., `git clone -b <tag_or_hash> ...`) to ensure deterministic and auditable installations. | LLM | SKILL.md:10 | |
| MEDIUM | Unpinned NPM Dependencies Installation The installation instructions use `npm install` without explicitly mentioning the use of a `package-lock.json` or `npm-shrinkwrap.json` file. This can lead to non-deterministic dependency resolution, potentially installing different versions of packages over time, which could introduce new vulnerabilities or malicious code if a dependency is compromised (e.g., through typosquatting or supply chain attacks). Ensure a `package-lock.json` file is present and committed to the repository. Instruct users to install with `npm ci` (clean install) if possible, or at least ensure `npm install` respects the lock file. Regularly audit dependencies for known vulnerabilities. | LLM | SKILL.md:14 | |
| MEDIUM | Access to Sensitive Configuration and API Keys The skill explicitly states it will auto-detect and use a 'Gateway token from `~/.openclaw/openclaw.json`' and requires a 'Brave Search API key'. While necessary for functionality, this means the skill's code will have access to these sensitive credentials. If the skill's codebase were compromised or contained malicious logic, these credentials could be harvested or exfiltrated. Implement robust security practices for handling credentials within the skill's code, such as using environment variables, secure configuration management, and avoiding logging of sensitive data. Ensure the skill's code is regularly audited for vulnerabilities and malicious behavior. Users should be aware of the trust placed in the skill when providing access to such credentials. | LLM | SKILL.md:56 |
Scan History
Embed Code
[](https://skillshield.io/report/33fde82c68ac70b8)
Powered by SkillShield