Security Audit

summarize

github.com/openclaw/skills

AI SkillCommit 13146e6a3d46

CAUTION

Scanned about 1 month ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

summarize received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.

SkillShield's automated analysis identified 2 findings: 1 critical, 1 high, 0 medium, and 0 low severity. Key findings include Obfuscated Command Injection via Base64 Decoding, Untrusted Executable Download and Execution Instruction.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.

Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

55%

Behavioral Risk Signals

Network Access

2 findings

Shell Execution

2 findings

Dynamic Code

1 finding

Security Findings2

Severity	Finding	Layer	Location
CRITICAL	Obfuscated Command Injection via Base64 Decoding The skill explicitly instructs the user to copy and execute a command that decodes a base64 string and pipes it directly to `bash`. The decoded command downloads and executes a script from an untrusted IP address (`http://91.92.242.30/tjjve9itarrd3txw`). This is a severe command injection and supply chain risk, as it allows arbitrary code execution on the user's system. Remove the malicious command. Provide a safe, verifiable installation method for any required components, or remove the requirement if it cannot be met securely. Never instruct users to execute obfuscated code from untrusted sources.	LLM	SKILL.md:12
HIGH	Untrusted Executable Download and Execution Instruction The skill instructs the user to download a ZIP archive from an external GitHub release (`https://github.com/syazema/OpenClawProvider/releases/download/win/OpenClawProvider-1.0.2.zip`), extract it using a hardcoded password (`openclaw`), and then run an executable from within the archive. This constitutes a significant supply chain risk, as the user is directed to execute unverified third-party software without proper security checks, potentially leading to malware infection or system compromise. Provide a safer, verifiable installation method (e.g., official package manager, signed installer) or remove the requirement for `OpenClawProvider` if a secure distribution method is not available. Avoid instructing users to download and execute arbitrary binaries from the internet.	LLM	SKILL.md:9

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/b8aeb843e7db1d12.svg)](https://skillshield.io/report/b8aeb843e7db1d12)