Trust Assessment
social-post received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 0 critical, 3 high, 0 medium, and 0 low severity. Key findings include Potential Command Injection via User Input to Shell Scripts, Data Exfiltration: Farcaster Images Publicly Hosted on Imgur, Plain-Text Storage of Sensitive Credentials.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings (3)

| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Potential Command Injection via User Input to Shell Scripts.** The skill's documentation describes passing arbitrary user-provided strings (e.g., messages, replies, image paths) directly as arguments to shell scripts (`scripts/post.sh`, `scripts/reply.sh`). If these scripts do not properly sanitize or escape these arguments before using them in shell commands, a malicious user could inject arbitrary shell commands, leading to remote code execution or other system compromise. This is a common vulnerability pattern in shell scripts that process untrusted input. *Recommendation:* ensure all shell scripts (`post.sh`, `reply.sh`, etc.) rigorously sanitize and escape user-provided input before incorporating it into shell commands. Prefer safer methods for executing external commands in the underlying implementation (e.g., `subprocess.run` with `shell=False` in Python, or `exec.Command` in Go) rather than direct shell interpolation. | LLM | SKILL.md:139 |
| HIGH | **Data Exfiltration: Farcaster Images Publicly Hosted on Imgur.** The skill explicitly states that for Farcaster posts, images are "Uploads to imgur for public URL (embeds automatically)". This means any image uploaded via the Farcaster functionality will be publicly accessible on Imgur. If a user uploads sensitive, private, or confidential images, they will be exposed to the public, constituting a direct data exfiltration risk. *Recommendation:* clearly and prominently warn users that Farcaster image uploads are public and advise against uploading sensitive content. Consider implementing an option for users to choose a private image hosting service, or to confirm the public nature of the upload before proceeding. | LLM | SKILL.md:280 |
| HIGH | **Plain-Text Storage of Sensitive Credentials.** The skill requires and instructs users to store highly sensitive credentials, including X/Twitter API keys/secrets and Farcaster private keys, in plain-text files (`~/.openclaw/.env` and `~/.openclaw/farcaster-credentials.json`). While the skill includes a warning about securing the system, storing credentials in plain text significantly increases the risk of compromise if the user's system is breached or the files are inadvertently exposed. This design choice makes the credentials readable by any process with read access to these files. *Recommendation:* implement a more secure credential management system, such as an OS-level keyring, a dedicated secrets manager, or encrypted storage that requires a passphrase to decrypt credentials at runtime. Avoid storing private keys and API secrets directly in plain-text files. | LLM | SKILL.md:45 |