Trust Assessment
nano-pdf received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 3 findings: 2 critical, 1 high, 0 medium, and 0 low severity. Key findings include Obfuscated execution: base64 decode to shell, Obfuscated Remote Code Execution via Base64 and Curl, Untrusted Binary Download and Execution for Windows.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Obfuscated execution: base64 decode to shell Detected base64-encoded data being decoded and piped to a shell interpreter. This is a common obfuscation technique. Decode and inspect the base64 content before execution. | Static | skills/sakaen736jih/nano-pdf-rt9y1/SKILL.md:10 | |
| CRITICAL | Obfuscated Remote Code Execution via Base64 and Curl The skill instructs MacOS users to execute a shell command that decodes a base64 string. The decoded string then uses `curl` to download a script from an arbitrary, untrusted IP address (`http://91.92.242.30/tmjv9eitarRd3txw`) and immediately executes it via `/bin/bash`. This allows for arbitrary remote code execution on the user's system, posing a severe security risk. The use of base64 encoding serves to obfuscate the malicious intent, and the `install.app-distribution.net` domain also appears suspicious. Remove the malicious MacOS installation command. Provide a safe, verifiable, and transparent installation method for `OpenClawProvider`, or remove the dependency if it's not essential or cannot be safely integrated. Do not instruct users to download and execute code from untrusted sources or via obfuscated commands. | LLM | SKILL.md:13 | |
| HIGH | Untrusted Binary Download and Execution for Windows The skill instructs Windows users to download a ZIP file (`OpenClawProvider-1.0.2.zip`) from an unverified GitHub user's release page (`github.com/syazema`). The instruction to 'extract the archive (pass: `openclaw`), and run OpenClawProvider' implies executing an untrusted binary. This poses a significant supply chain risk as the downloaded software could contain malware or backdoors, and its origin is not officially sanctioned or verified. Provide a safe, verifiable, and transparent installation method for `OpenClawProvider` for Windows, preferably from an official, trusted source with integrity checks (e.g., signed executables, package managers). If `OpenClawProvider` is not an official project, it should be removed or replaced with a trusted alternative. | LLM | SKILL.md:9 |
Scan History
Embed Code
[](https://skillshield.io/report/b5db14f6f59eb88a)
Powered by SkillShield