Trust Assessment
sales-bot received a trust score of 52/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 5 findings: 1 critical, 0 high, 2 medium, and 2 low severity. Key findings include "Missing required field: name", "Unpinned npm dependency version", and "Node lockfile missing".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 68/100, indicating areas for improvement.
Last analyzed on February 12, 2026 (commit 5acc5677). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (5)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | **Use of Supabase Service Role Key grants excessive database permissions.** The skill is configured to use a Supabase Service Role Key (`supabaseKey`), as explicitly stated in `SKILL.md` and confirmed by its usage in `src/api.ts`. This key bypasses all Row Level Security (RLS) policies and grants full administrative access to the entire Supabase project's database. While the skill attempts to enforce multi-tenancy using `org_id` in its application logic, any logical flaw, bug, or future modification that omits an `org_id` filter in a database query could lead to unauthorized data access, modification, or deletion across all organizations within the Supabase project. This significantly increases the blast radius in case of a skill compromise or a coding error. Recommendations: (1) **Principle of Least Privilege**: re-evaluate whether a Service Role Key is strictly necessary. If the skill only needs to manage leads for its own `orgId`, it should ideally use a Supabase Anon Key with robust Row Level Security (RLS) policies configured on the Supabase database; RLS policies would enforce `org_id` filtering at the database level, providing a stronger security boundary. (2) **Strict `org_id` enforcement**: if a Service Role Key is unavoidable, ensure that *every single* database operation (select, insert, update, delete) explicitly includes `eq('org_id', this.orgId)` or similar filtering, and conduct thorough code reviews and automated tests to prevent any omission. (3) **Audit Logs**: ensure comprehensive audit logging is enabled on the Supabase project to detect any anomalous access patterns. | LLM | SKILL.md:16 |
| MEDIUM | **Missing required field: name.** The `name` field is required for openclaw skills but is missing from the frontmatter. Add a `name` field to the `SKILL.md` frontmatter. | Static | skills/big-roman123/sales-bot/SKILL.md:1 |
| MEDIUM | **Unpinned npm dependency version.** Dependency `@supabase/supabase-js` is not pinned to an exact version (`^2.39.0`). Pin dependencies to exact versions to reduce drift and supply-chain risk. | Dependencies | skills/big-roman123/sales-bot/package.json |
| LOW | **Node lockfile missing.** `package.json` is present but no lockfile was found (`package-lock.json`, `pnpm-lock.yaml`, or `yarn.lock`). Commit a lockfile for deterministic dependency resolution. | Dependencies | skills/big-roman123/sales-bot/package.json |
| LOW | **Dependency version not strictly pinned.** The `package.json` uses a caret (`^`) range for the `@supabase/supabase-js` dependency (`^2.39.0`), which allows automatic updates to minor and patch versions. While generally acceptable, for security-critical dependencies like database clients, strictly pinning to an exact version (e.g., `2.39.0`) or relying on a lockfile (`package-lock.json`) ensures deterministic builds and prevents unexpected changes, or vulnerabilities introduced in newer minor versions, from being pulled in automatically without explicit review. Consider pinning the dependency to an exact version (e.g., `"@supabase/supabase-js": "2.39.0"`) or ensuring that a `package-lock.json` or `yarn.lock` file is committed and used consistently in the build process to guarantee deterministic dependency resolution. Regularly review and update dependencies. | LLM | package.json:12 |