Trust Assessment
openclaw-starter-kit received a trust score of 79/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 3 findings: 0 critical, 1 high, 1 medium, and 0 low severity. Key findings include "Suspicious import: urllib.request", "Skill handles user Twitter password and arbitrary proxy directly", and "User input sent to external LLM API".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Skill handles user Twitter password and arbitrary proxy directly.** The `twitter_login` function in `scripts/aisa_client.py` explicitly takes `password` as a direct argument. This means the skill is designed to process and transmit user-provided Twitter account passwords to the AIsa API. If an agent is prompted to use this function with user-supplied input, it could lead to credential harvesting or exposure if not handled with extreme care by the agent and the user. Additionally, the `proxy` argument allows specifying an arbitrary network proxy, which could be used for malicious redirection or data interception if an untrusted proxy is provided by the agent or user. For Skill Developer: Consider if direct password handling is strictly necessary or if an OAuth flow could be used for Twitter authentication, which avoids the skill ever seeing the user's password. If a direct password is required by the AIsa API, clearly document the security implications and advise users to use dedicated app passwords or secure credential management. For Agent Developer/User: Agents should be extremely cautious when prompting users for passwords or when using this function with sensitive credentials. Ensure the `proxy` argument is only ever set to trusted values. | LLM | scripts/aisa_client.py:125 |
| MEDIUM | **Suspicious import: urllib.request.** Import of 'urllib.request' detected. This module provides network or low-level system access. Verify this import is necessary. Network and system modules in skill code may indicate data exfiltration. | Static | skills/aisa-one/openclaw-aisa/scripts/aisa_client.py:25 |
| INFO | **User input sent to external LLM API.** The `llm_chat` function in `scripts/aisa_client.py` sends user-provided `messages` (which can contain sensitive information) to an external LLM API endpoint (`https://api.aisa.one/v1/chat/completions`). While this is the intended functionality of an LLM skill, users should be aware that any data provided to the agent via this function will be transmitted to a third-party service. For Agent Developer/User: Implement robust privacy policies and user consent mechanisms. Advise users not to input highly sensitive personal or confidential information into the agent if it uses this skill, or ensure that the AIsa API's data handling policies align with privacy requirements. | LLM | scripts/aisa_client.py:209 |