Security Audit

reddapi

github.com/openclaw/skills

AI SkillCommit 13146e6a3d46

CAUTION

Scanned about 2 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

reddapi received a trust score of 56/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.

SkillShield's automated analysis identified 2 findings: 1 critical, 1 high, 0 medium, and 0 low severity. Key findings include Remote code execution: curl/wget pipe to shell, Direct Python code execution via `python3 -c` in example.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

70%

Dependency Graph

100%

LLM Behavioral Safety

85%

Behavioral Risk Signals

Network Access

2 findings

Shell Execution

2 findings

Dynamic Code

1 finding

Security Findings2

Severity	Finding	Layer	Location
CRITICAL	Remote code execution: curl/wget pipe to shell Detected a pattern that downloads and immediately executes remote code. This is a primary malware delivery vector. Never pipe curl/wget output directly to a shell interpreter.	Static	skills/dowands/reddapi/SKILL.md:15
HIGH	Direct Python code execution via `python3 -c` in example The skill documentation includes an example that pipes `curl` output into `python3 -c "..."`. This allows for direct execution of arbitrary Python code via the shell. While the provided script is benign, this pattern is a significant command injection vulnerability if the `curl` output could be controlled by an attacker (e.g., malicious API response) or if the LLM itself could be prompted to modify the Python code. An AI agent executing this example could be tricked into running malicious code. Replace the `python3 -c` command with a safer method for processing JSON output. For example, instruct the LLM to parse the JSON response directly using its internal capabilities, or provide a dedicated, sandboxed tool/function for JSON processing if external execution is unavoidable. If a script is absolutely necessary, it should be a separate, reviewed file, not inline in a markdown example.	LLM	SKILL.md:74

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/7b9882b8a81e8597.svg)](https://skillshield.io/report/7b9882b8a81e8597)