Trust Assessment
openclaw-agent-optimize-skill received a trust score of 93/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Deprecated and Duplicate Skill Listing.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Deprecated and Duplicate Skill Listing The skill manifest and its primary content explicitly state that this skill (`openclaw-agent-optimize-skill`) is DEPRECATED and a duplicate of `phenomenoner/openclaw-agent-optimize`. The presence of deprecated or duplicate skills in a registry increases supply chain risk, as users or automated agents might inadvertently install or invoke an unmaintained, potentially vulnerable, or incorrect version instead of the canonical one. The `triggers` array also includes the deprecated skill's name, increasing the likelihood of accidental invocation by an LLM. Remove this deprecated skill listing from the registry to prevent accidental usage. Ensure only canonical, actively maintained versions are available to reduce confusion and potential security risks. | LLM | SKILL.md:1 |
Scan History
Embed Code
[](https://skillshield.io/report/a0c1145bde0f05e3)
Powered by SkillShield