Trust Assessment
openclaw-leaderboard received a trust score of 94/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Skill encourages submission of potentially sensitive system prompts to public API.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Skill encourages submission of potentially sensitive system prompts to public API The skill explicitly encourages users to submit their `systemPrompt` to the public OpenClaw Leaderboard API. System prompts can contain sensitive internal instructions, proprietary logic, or even embedded credentials. While optional, the skill states 'Sharing this helps others learn' and 'Submissions with model/tools/prompt info get more community trust,' creating a strong incentive for users to share potentially sensitive data with a public service, which could lead to data exfiltration. Advise users to carefully review their system prompts for sensitive information before submission. Consider adding a clear warning in the skill documentation about the public nature of this field and what kind of information is safe to share. If possible, provide a mechanism for users to redact sensitive parts. | LLM | skill.md:50 |
Scan History
Embed Code
[](https://skillshield.io/report/72b7296e0f830b71)
Powered by SkillShield