Trust Assessment
seo-optimizer received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include External Software Installation from Unverified Source.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | External Software Installation from Unverified Source The skill instructs the user to download and install 'OpenClawCLI' from an external URL (https://openclawcli.vercel.app/). Directing users to install software from third-party, unverified sources introduces a significant supply chain risk. The downloaded software could contain malware, vulnerabilities, or perform malicious actions without the user's knowledge. There is no mechanism provided to verify the integrity or authenticity of the software. Provide a secure, verified source for `OpenClawCLI` (e.g., an official GitHub release with checksums, or a trusted package manager). If `OpenClawCLI` is essential, consider including its source code within the skill package or providing clear instructions for auditing its security. At minimum, warn users about the risks of installing software from external URLs and advise them to verify the source and integrity of the executable. | LLM | SKILL.md:3 |
Scan History
Embed Code
[](https://skillshield.io/report/d04744d74781605a)
Powered by SkillShield