Trust Assessment
sensor-data-aggregator received a trust score of 79/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. The key findings are "Missing required field: name" and "Unsanitized user input in generated reports and alert messages".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Unsanitized user input in generated reports and alert messages.** The skill constructs output strings (e.g., in the `generate_report` method) and alert messages (in the `_create_alert` method) using unsanitized user-provided inputs such as `site_name`, `sensor.name`, and `sensor.unit`. If these inputs contain malicious LLM instructions, and the generated report or alert messages are subsequently fed into an LLM (e.g., via `register_alert_handler` or by displaying the report), it could lead to prompt injection. An attacker could manipulate the LLM's behavior or extract sensitive information. Implement strict input validation and sanitization for all user-provided strings (e.g., `site_name`, `sensor.name`, `sensor.unit`) before they are stored or used in generated outputs. When generating reports or alert messages that might be consumed by an LLM, ensure all dynamic content is properly escaped or filtered to prevent the injection of LLM instructions. For `alert_handlers`, ensure only trusted callbacks are registered and that they also sanitize any output they produce. | LLM | SKILL.md:294 |
| MEDIUM | **Missing required field: name.** The 'name' field is required for claude_code skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | skills/datadrivenconstruction/sensor-data-aggregator/SKILL.md:1 |