Trust Assessment
openwork received a trust score of 93/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Unverified download of skill definition files.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Unverified download of skill definition files The skill's "Quick Start" section instructs the agent to download `SKILL.md` and `HEARTBEAT.md` directly from `https://openwork.bot` using `curl`. This process lacks integrity verification (e.g., cryptographic hashes or signatures), making the agent vulnerable to supply chain attacks if the `openwork.bot` domain or its hosting infrastructure were compromised. A malicious actor could inject arbitrary code into these files, which the agent would then load and potentially execute. Implement cryptographic hash verification (e.g., SHA256) for downloaded skill files. The skill definition should include the expected hash, and the agent should verify it before loading the content. Alternatively, use a secure package management system or a trusted, signed repository for skill distribution. | LLM | SKILL.md:17 |
Scan History
Embed Code
[](https://skillshield.io/report/ff2620e38ad85937)
Powered by SkillShield