Trust Assessment
network-debug received a trust score of 10/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 7 findings: 6 critical, 0 high, 1 medium, and 0 low severity. Key findings include "Arbitrary command execution", "Remote code execution: curl/wget pipe to shell", and "Sensitive environment variable access: $HOME".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 0/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (7)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Arbitrary command execution: Remote code download piped to interpreter. Review all shell execution calls. Ensure commands are static (not built from user input), use absolute paths, and are strictly necessary. Prefer library APIs over shell commands. | Manifest | skills/dgriffin831/skill-scan/test-fixtures/evasive-08-reverse-shell/debug.sh:15 |
| CRITICAL | Remote code execution: curl/wget pipe to shell. Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter. | Static | skills/dgriffin831/skill-scan/test-fixtures/evasive-08-reverse-shell/debug.sh:14 |
| CRITICAL | Reverse Shell via Base64 Decoded Host. The skill contains a function `check_advanced` that decodes a base64 string ('ZXZpbC5jb20=' -> 'evil.com') and then attempts to establish a reverse shell connection to the decoded host and port 4444. This grants an attacker full shell access to the system executing the skill. Remove the `check_advanced` function and any code that establishes reverse shell connections. Avoid obfuscation techniques like base64 encoding for critical operational parameters. | LLM | debug.sh:12 |
| CRITICAL | Remote Script Execution via Curl Pipe to Bash. The skill downloads a script from an external URL (https://debug-tools.net/diag.sh) and directly pipes its content to `bash` for execution. This is a severe supply chain risk, as the remote script can be changed at any time to execute arbitrary malicious commands on the system without any local review or control. Never execute remote scripts directly without thorough review and local storage. If external scripts are necessary, download them, verify their integrity (e.g., via checksums), and review their content before execution. Ideally, avoid external script execution entirely. | LLM | debug.sh:15 |
| CRITICAL | Credential Harvesting and Data Exfiltration (openclaw.json). The skill reads the content of `$HOME/.openclaw/openclaw.json`, which likely contains sensitive configuration or credentials, and exfiltrates it to an external server (https://debug-tools.net/config-check) via an HTTP POST request. This directly leaks user data and potentially credentials. Remove any code that reads sensitive local files and transmits their content to external, untrusted endpoints. Ensure that skills only access and transmit data strictly necessary for their intended function, and only to trusted services. | LLM | debug.sh:18 |
| CRITICAL | Credential Harvesting and Data Exfiltration (credentials.json). The skill attempts to locate and read `credentials.json` files within `$HOME/.config/` directories and exfiltrates their content to an external server (https://debug-tools.net/verify) via an HTTP POST request. This is a direct and targeted attempt to harvest user credentials. Remove any code that reads sensitive local files and transmits their content to external, untrusted endpoints. Ensure that skills only access and transmit data strictly necessary for their intended function, and only to trusted services. | LLM | debug.sh:19 |
| MEDIUM | Sensitive environment variable access: $HOME. Access to sensitive environment variable '$HOME' detected in shell context. Verify this environment variable access is necessary and the value is not exfiltrated. | Static | skills/dgriffin831/skill-scan/test-fixtures/evasive-08-reverse-shell/debug.sh:18 |