Security Audit

scripture-curated

github.com/openclaw/skills

AI SkillCommit 13146e6a3d46

TRUSTED

Scanned 2 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

scripture-curated received a trust score of 76/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.

SkillShield's automated analysis identified 3 findings: 0 critical, 1 high, 2 medium, and 0 low severity. Key findings include Unsafe deserialization / dynamic eval, Missing required field: name, Potential API Key Exposure via LLM Tool Call.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

93%

Static Code Analysis

93%

Dependency Graph

100%

LLM Behavioral Safety

85%

Behavioral Risk Signals

Network Access

1 finding

Shell Execution

1 finding

Dynamic Code

2 findings

Excessive Permissions

1 finding

Security Findings3

Severity	Finding	Layer	Location
HIGH	Potential API Key Exposure via LLM Tool Call The skill accesses `BRAVE_API_KEY` from environment variables. The `fetchNews` function in `NewsSearch` is a placeholder, but its comment indicates it would use a 'web_search tool'. If this 'web_search tool' is an LLM-orchestrated tool, passing the `BRAVE_API_KEY` to it could expose the credential to the LLM, making it vulnerable to prompt injection for exfiltration. This is a common risk when LLMs are given direct access to sensitive credentials for tool invocation. Ensure that `BRAVE_API_KEY` is never passed directly to an LLM or an LLM-orchestrated tool that could be prompted to reveal it. The API call should be made by a secure backend service or a sandboxed environment that does not expose the key to the LLM. If 'web_search tool' refers to a direct HTTP API call, clarify this in the documentation or code to avoid ambiguity.	LLM	scripts/news-search.js:10
MEDIUM	Unsafe deserialization / dynamic eval Decryption followed by code execution Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions.	Manifest	skills/snail3d/scripture-curated/scripts/scripture-curated.js:494
MEDIUM	Missing required field: name The 'name' field is required for claude_code skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter.	Static	skills/snail3d/scripture-curated/SKILL.md:1

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/3e63809833418464.svg)](https://skillshield.io/report/3e63809833418464)