Security Audit

video-ad-specs

github.com/openclaw/skills

AI SkillCommit 13146e6a3d46

CAUTION

Scanned 3 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

video-ad-specs received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.

SkillShield's automated analysis identified 2 findings: 1 critical, 1 high, 0 medium, and 0 low severity. Key findings include Direct execution of remote script via `curl | sh` and exceeding declared permissions, Use of `npx` command outside declared `Bash(infsh *)` permissions.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.

Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

55%

Behavioral Risk Signals

Network Access

1 finding

Filesystem Write

2 findings

Shell Execution

2 findings

Dynamic Code

1 finding

Excessive Permissions

2 findings

Security Findings2

Severity	Finding	Layer	Location
CRITICAL	Direct execution of remote script via `curl \| sh` and exceeding declared permissions The skill instructs the user to download and execute a shell script directly from a remote URL (`https://cli.inference.sh`) using `curl \| sh`. This is a critical supply chain risk, as the content of the script can change or be malicious, potentially leading to arbitrary command injection (SS-LLM-003). Furthermore, the skill's manifest declares `Bash(infsh )` as the allowed tool, meaning only commands starting with `infsh` are explicitly permitted via Bash. The `curl` command falls outside this declared scope, indicating an attempt to use broader shell capabilities than permitted (SS-LLM-005). Avoid piping `curl` output directly to `sh`. Recommend a more secure installation method (e.g., package manager, verified binary download with integrity checks). If general `Bash` commands like `curl` are truly required, the `allowed-tools` permission in the manifest should be broadened to `Bash()` or `Bash(infsh , curl )` and justified.	LLM	SKILL.md:10
HIGH	Use of `npx` command outside declared `Bash(infsh )` permissions The skill's manifest declares `Bash(infsh )` as the allowed tool, restricting Bash commands to those starting with `infsh`. However, the 'Related Skills' section explicitly instructs the user to execute `npx skills add ...`. The `npx` command is not `infsh` and falls outside the explicitly declared tool scope. This indicates an attempt to use broader shell capabilities than permitted, which could lead to unexpected behavior or security issues if the LLM environment were to execute it or if the user follows the instruction in a permissive environment. Either explicitly declare `npx` as an allowed tool in the manifest (e.g., `Bash(infsh , npx )`) if its use is intended and justified, or remove instructions for tools not covered by declared permissions.	LLM	SKILL.md:200

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/a42e53fc224ae3a2.svg)](https://skillshield.io/report/a42e53fc224ae3a2)