Security Audit
Static Website Hosting - Static.app
Source: github.com/openclaw/skills

Trust Assessment
Static Website Hosting - Static.app received a trust score of 59/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 1 critical, 0 high, 2 medium, and 0 low severity. Key findings include Unpinned npm dependency version, Arbitrary File Write via User-Controlled Output Directory, Outdated `node-fetch` Dependency with Known Vulnerabilities.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 63/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | **Arbitrary File Write via User-Controlled Output Directory.** The `download.js` script allows a user to specify an arbitrary output directory via the `--output` or `-o` command-line option. This directory is then used by `adm-zip` to extract the contents of a downloaded zip file. A malicious actor could exploit this by providing a path outside the intended workspace (e.g., `/tmp/`, `../../../`) to write or overwrite arbitrary files on the system where the skill is executed. This could lead to privilege escalation, denial of service, or execution of malicious code if critical system files are overwritten or executable files are placed in trusted locations. *Remediation:* implement strict path validation and sanitization for the `outputDir` option. Ensure that the provided path is always a subdirectory of the intended workspace or a predefined safe directory. For example, resolve the path and check that it starts with the canonical workspace path, or use a library that safely handles path traversal. A simple fix is to disallow absolute paths or paths containing `..` components, or to always prepend a safe base directory to the user-provided path. | LLM | scripts/download.js:64 |
| MEDIUM | **Unpinned npm dependency version.** Dependency `adm-zip` is not pinned to an exact version (`^0.5.16`). *Remediation:* pin dependencies to exact versions to reduce drift and supply-chain risk. | Dependencies | skills/akellacom/static-app/scripts/package.json |
| MEDIUM | **Outdated `node-fetch` Dependency with Known Vulnerabilities.** The `node-fetch` dependency is specified as `^2.7.0` in `package.json` and resolved to `2.7.0` in `package-lock.json`. `node-fetch` version 2.x is no longer actively maintained and has known security vulnerabilities, including potential for request smuggling (CVE-2022-0235) and other issues. Using outdated dependencies increases the risk of supply chain attacks or exploitation of known flaws. *Remediation:* upgrade `node-fetch` to the latest major version (currently 3.x or higher), which is actively maintained and addresses known vulnerabilities. Ensure that the upgrade does not introduce breaking changes or, if it does, adapt the code accordingly. Pin the exact version in `package.json` (e.g., `"node-fetch": "3.x.x"`) or rely on `package-lock.json` for deterministic builds after updating. | LLM | scripts/package.json:9 |
Full report: https://skillshield.io/report/c82ea36cd9133675