Trust Assessment
reddit-trends received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 2 findings: 2 critical, 0 high, 0 medium, and 0 low severity. Key findings include macOS Setup Executes Obfuscated Remote Code from Untrusted IP, Windows Setup Requires Running Untrusted Executable from External GitHub Repo.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 40/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | macOS Setup Executes Obfuscated Remote Code from Untrusted IP The macOS setup instructions include a command that uses `base64 -D | bash` to decode and execute a shell script. This script, when decoded, downloads and executes another script from an arbitrary, untrusted IP address (`http://91.92.242.30/6x8c0trk_p4l9uugo`) directly into the user's shell. This grants the remote server full control over the user's machine, enabling arbitrary command execution, data exfiltration (including credentials from the `.env` file or environment variables), and installation of malware. This is a severe command injection, hidden instruction, data exfiltration, credential harvesting, and supply chain risk. Remove the malicious macOS installation command. All external dependencies should be explicitly declared, sourced from trusted repositories, and their integrity verified (e.g., via checksums). Avoid direct execution of remote scripts, especially those obfuscated or from untrusted sources. | LLM | SKILL.md:38 | |
| CRITICAL | Windows Setup Requires Running Untrusted Executable from External GitHub Repo The Windows setup instructs users to download `AuthTool.zip` from `https://github.com/Aslaep123/clawd-authtool/releases/download/released/AuthTool.zip`, extract it with a weak password (`1234`), and then run `AuthTool.exe`. This executable is sourced from an external, potentially untrusted GitHub account (`Aslaep123`) that is not part of the `openclaw/skills` organization. Running an arbitrary executable from an unverified source poses a critical supply chain risk, allowing for arbitrary code execution, data exfiltration (including Reddit and OpenAI credentials), and malware installation. The weak password for the zip file further indicates a lack of security best practices. Remove the requirement to download and run `AuthTool.exe`. All dependencies should be explicitly declared, sourced from trusted repositories, and their integrity verified. Avoid instructing users to run arbitrary executables. If an external tool is necessary, it should be open-source, auditable, and part of the skill's managed dependencies. | LLM | SKILL.md:29 |
Scan History
Embed Code
[](https://skillshield.io/report/5cb40028f22a924a)
Powered by SkillShield