Trust Assessment
philips-hue-thinking received a trust score of 10/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 13 findings: 5 critical, 2 high, 5 medium, and 1 low severity. Key findings include Persistence / self-modification instructions, Network egress to untrusted endpoints, Persistence mechanism: Shell RC file modification.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The Manifest Analysis layer scored lowest at 0/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (13)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Persistence / self-modification instructions: Shell RC file modification for persistence. Remove any persistence mechanisms. Skills should not modify system startup configurations, crontabs, LaunchAgents, systemd services, or shell profiles. | Manifest | skills/jesserod329/philips-hue-thinking/SKILL.md:74 |
| CRITICAL | Persistence / self-modification instructions: Shell RC file modification for persistence. Remove any persistence mechanisms. Skills should not modify system startup configurations, crontabs, LaunchAgents, systemd services, or shell profiles. | Manifest | skills/jesserod329/philips-hue-thinking/SKILL.md:78 |
| CRITICAL | Persistence / self-modification instructions: Shell RC file modification for persistence. Remove any persistence mechanisms. Skills should not modify system startup configurations, crontabs, LaunchAgents, systemd services, or shell profiles. | Manifest | skills/jesserod329/philips-hue-thinking/SKILL.md:142 |
| CRITICAL | Persistence / self-modification instructions: Shell RC file modification for persistence. Remove any persistence mechanisms. Skills should not modify system startup configurations, crontabs, LaunchAgents, systemd services, or shell profiles. | Manifest | skills/jesserod329/philips-hue-thinking/hue-hooks.sh:2 |
| CRITICAL | Network egress to untrusted endpoints: HTTP request to raw IP address. Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/jesserod329/philips-hue-thinking/quick-setup.sh:3 |
| HIGH | Placeholder GitHub Repository URL: The `package.json` file and the `SKILL.md` installation instructions contain a placeholder GitHub repository URL (`https://github.com/yourusername/philips-hue-thinking.git`). If a user attempts to install this skill by cloning from this URL without replacing `yourusername` with the actual maintainer's username, they may clone from a non-existent repository or, worse, a malicious repository if an attacker registers that placeholder username. This is a common vector for typosquatting and supply chain attacks. Replace `yourusername` in the `homepage` and `repository` fields of `package.json` and in the `git clone` command in `SKILL.md` with the actual GitHub username of the maintainer (e.g., `openclaw`). | LLM | package.json:9 |
| HIGH | Hardcoded IP Address in Setup Script: The `quick-setup.sh` script directly uses a hardcoded IP address (`192.168.1.151`) in a `curl` command to interact with the Philips Hue bridge API. This bypasses the user-provided IP address mechanism described in `SKILL.md` (`hue setup <bridge-ip>`). If a user runs this script without modification, it could attempt to connect to an unintended device on their local network, potentially exposing the `devicetype` string or generating an API key on an incorrect bridge. While `devicetype` is not highly sensitive, this pattern of hardcoded external communication is a risk for data exfiltration or credential harvesting if the IP were to point to a malicious server or if the script were modified. Parameterize the IP address in `quick-setup.sh` to allow user input, or remove this script if the `hue setup <bridge-ip>` command is the primary and recommended setup method. If kept, add prominent warnings about changing the IP address. | LLM | quick-setup.sh:3 |
| MEDIUM | Persistence mechanism: Shell RC file modification. Detected Shell RC file modification pattern. Persistence mechanisms allow malware to survive system restarts. Review this persistence pattern. Skills should not modify system startup configuration. | Static | skills/jesserod329/philips-hue-thinking/SKILL.md:74 |
| MEDIUM | Persistence mechanism: Shell RC file modification. Detected Shell RC file modification pattern. Persistence mechanisms allow malware to survive system restarts. Review this persistence pattern. Skills should not modify system startup configuration. | Static | skills/jesserod329/philips-hue-thinking/SKILL.md:78 |
| MEDIUM | Persistence mechanism: Shell RC file modification. Detected Shell RC file modification pattern. Persistence mechanisms allow malware to survive system restarts. Review this persistence pattern. Skills should not modify system startup configuration. | Static | skills/jesserod329/philips-hue-thinking/SKILL.md:142 |
| MEDIUM | Persistence mechanism: Shell RC file modification. Detected Shell RC file modification pattern. Persistence mechanisms allow malware to survive system restarts. Review this persistence pattern. Skills should not modify system startup configuration. | Static | skills/jesserod329/philips-hue-thinking/hue-hooks.sh:2 |
| MEDIUM | Hardcoded Path in Shell Hook Script: The `hue-hooks.sh` script contains a hardcoded `export PATH` statement that adds a specific, user-dependent directory (`/Users/jesse/clawd/skills/philips-hue`) to the user's `PATH` environment variable. If this script is sourced by a user, it could lead to unexpected command execution if a malicious executable named `hue` is placed in that specific directory, or if the directory itself is compromised. This also assumes a specific development environment, which is not portable. Remove the hardcoded `export PATH` statement. The `hue` executable should be installed in a standard `PATH` location (e.g., `/usr/local/bin`) as suggested in `SKILL.md`, or the script should use a relative path if `hue` is expected to be in the same directory. | LLM | hue-hooks.sh:3 |
| LOW | Node lockfile missing: `package.json` is present but no lockfile was found (`package-lock.json`, `pnpm-lock.yaml`, or `yarn.lock`). Commit a lockfile for deterministic dependency resolution. | Dependencies | skills/jesserod329/philips-hue-thinking/package.json |