Trust Assessment
web-bundling received a trust score of 83/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. The key findings are "Unspecified 'npm run build' command execution" and "Unpinned 'npx' package execution leads to supply chain risk".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Unspecified 'npm run build' command execution: The skill instructs the execution of 'npm run build'. The actual commands executed by 'npm run build' are defined in an external 'package.json' file, which is not provided or controlled within this skill. If an AI agent executes this command, it could lead to arbitrary command execution if the 'package.json' is untrusted or manipulated by a malicious actor. Specify the exact commands to be executed, or clearly state that the 'package.json' must be trusted and controlled. If the agent is to execute this, it must do so in a sandboxed environment with strict input validation and process isolation. | LLM | SKILL.md:26 |
| MEDIUM | Unpinned 'npx' package execution leads to supply chain risk: The skill uses 'npx parcel build' and 'npx html-inline' without specifying package versions. This means 'npx' will fetch and execute the latest available version of these packages. A malicious actor could publish a compromised version of 'parcel' or 'html-inline' (or a typosquat package) that would then be executed by the agent or user, leading to a supply chain compromise. Always pin package versions when using 'npx' to ensure deterministic execution and prevent unexpected updates or malicious package injection (e.g., 'npx parcel@2.10.0 build ...', 'npx html-inline@2.2.0 ...'). | LLM | SKILL.md:29 |