Trust Assessment
vibes received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 2 findings: 1 critical, 1 high, 0 medium, and 0 low severity. The key findings are "Prompt Injection Attempt in Skill Documentation" and "Unpinned Dependency in Skill Manifest".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Prompt Injection Attempt in Skill Documentation: The skill's documentation (`SKILL.md`), which is treated as untrusted content, contains explicit instructions intended for the host LLM on how to use the tool. This attempts to manipulate the LLM's behavior from an untrusted source, violating the principle that untrusted content should not issue instructions. The LLM should infer tool usage from its schema and internal logic, not from embedded documentation instructions. Remediation: Remove all direct instructions to the LLM from the skill's documentation. The LLM should infer tool usage from the tool's schema and its own internal reasoning. Documentation should describe the tool's functionality for human understanding, not dictate LLM behavior. | LLM | skills/binora/vibes/SKILL.md:14 |
| HIGH | Unpinned Dependency in Skill Manifest: The skill's manifest specifies a dependency (`vibes-mcp@latest`) using the `latest` tag. This means the exact version of the dependency is not pinned, allowing it to change unexpectedly. A new version of `vibes-mcp` could introduce breaking changes, vulnerabilities, or malicious code without explicit review, posing a significant supply chain risk. Remediation: Pin the dependency to a specific, immutable version (e.g., `vibes-mcp@1.2.3`) instead of `@latest`. Regularly review and update pinned dependencies to incorporate necessary fixes and features while maintaining control over the deployed code. | LLM | Manifest:1 |
Full report: https://skillshield.io/report/7d595ceca8e1023f (powered by SkillShield)