Security Audit

setup-dca

github.com/openclaw/skills

AI SkillCommit 13146e6a3d46

TRUSTED

Scanned about 2 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

setup-dca received a trust score of 90/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.

SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Unsanitized User Input to Subagent/Tool Call.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

85%

Behavioral Risk Signals

Shell Execution

1 finding

Dynamic Code

1 finding

Security Findings1

Severity	Finding	Layer	Location
HIGH	Unsanitized User Input to Subagent/Tool Call The skill constructs a prompt for the powerful `Task(subagent_type:trade-executor)` tool by interpolating user-provided parameters (`amountPerExecution`, `inputToken`, `targetAsset`, `chain`, `slippageTolerance`, `totalExecutions`, `fee`). If these parameters are not rigorously validated and sanitized before being passed to the subagent, a malicious user could inject commands or manipulate the subagent's behavior. For example, if the `trade-executor` subagent interprets its input as executable code or structured commands, specially crafted user input could lead to unintended financial transactions, information disclosure, or other harmful actions. While the prompt is structured, the values within that structure are user-controlled. Implement strict input validation and sanitization for all user-provided parameters (`amountPerExecution`, `inputToken`, `targetAsset`, `chain`, `slippageTolerance`, `totalExecutions`, `fee`) before they are interpolated into the prompt for `Task(subagent_type:trade-executor)`. Ensure that the `trade-executor` subagent itself has robust input parsing and execution safeguards to prevent misinterpretation of malicious input as commands or executable code.	LLM	SKILL.md:204

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/5700f7777d02b401.svg)](https://skillshield.io/report/5700f7777d02b401)