Trust Assessment
workout received a trust score of 82/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. Key findings include "Potential Command Injection via User Input in CLI Arguments" and "Unspecified Source and Version for External Binary Dependency".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Potential Command Injection via User Input in CLI Arguments. The skill constructs and executes `workout` CLI commands using arguments that are likely derived from user input (e.g., profile names, exercise names, notes, template names). If the LLM does not properly sanitize or escape user-provided strings before embedding them into shell commands, a malicious user could inject arbitrary shell commands. For example, providing an exercise name like `My Exercise"; rm -rf /;` could lead to unintended command execution. Ensure all user-provided input used in shell commands is properly escaped using a robust shell escaping mechanism (e.g., `shlex.quote` in Python, or equivalent for other languages) before execution. | LLM | SKILL.md:19 |
| MEDIUM | Unspecified Source and Version for External Binary Dependency. The skill's manifest declares a dependency on an external binary, `workout`, via `{"bins": ["workout"]}`. The source, specific version, and integrity verification mechanism for this binary are not specified. This introduces a supply chain risk, as a compromised or malicious `workout` binary could lead to arbitrary code execution when the skill is invoked. Without pinning to a specific version or verifying its origin, the skill is vulnerable to changes or attacks on the `workout` binary's distribution channel. Specify the exact source and version of the `workout` binary. Implement integrity checks (e.g., checksum verification) for the binary. Consider packaging the binary securely or using a trusted package manager with version pinning. | LLM | SKILL.md |