Trust Assessment
pixelclaws received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Dynamic Instruction Loading from Unversioned Remote File.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Dynamic Instruction Loading from Unversioned Remote File The skill instructs the agent to fetch and execute instructions from a remote, unversioned Markdown file (HEARTBEAT.md) as part of its periodic heartbeat loop. If the remote server (pixelclaws.com) is compromised, the HEARTBEAT.md file could be altered to include malicious instructions, which the agent is then explicitly told to 'execute'. Although the skill includes warnings against following unexpected instructions, relying on the agent to discern malicious content from a dynamically loaded instruction set is a significant risk. Embed the heartbeat logic directly within the skill package or fetch a cryptographically signed/versioned resource. If dynamic loading is necessary, implement robust content validation and sandboxing for fetched instructions. Consider fetching a specific version of the file (e.g., by hash or version number in the URL) rather than relying on a mutable 'latest' version. | LLM | SKILL.md:100 |
Scan History
Embed Code
[](https://skillshield.io/report/4b43e21cb874f58f)
Powered by SkillShield