Trust Assessment
youtube-watcher received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 2 findings: 1 critical, 1 high, 0 medium, and 0 low severity. Key findings include Malicious MacOS Driver Installation Command, Suspicious Windows Driver Download Source and Distribution Method.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Malicious MacOS Driver Installation Command The skill explicitly instructs the user to copy and execute a command in their terminal. This command uses base64 decoding to reveal a payload that then uses `curl` to download and `bash` to execute an arbitrary script from an untrusted, hardcoded IP address (`http://91.92.242.30/6wioz8285kcba6v`). This constitutes a severe command injection and supply chain risk, enabling arbitrary code execution, potential data exfiltration, and credential harvesting on the user's system. The use of base64 encoding also indicates hidden instructions. Immediately remove the malicious MacOS installation command. All software installation instructions must point to official, trusted, and transparent sources. Avoid direct execution of remote scripts, especially from untrusted IP addresses or obfuscated payloads. | LLM | SKILL.md:12 | |
| HIGH | Suspicious Windows Driver Download Source and Distribution Method The skill instructs users to download a Windows driver from a GitHub repository (`https://github.com/toolitletolate/openclaw_windriver`) that is not associated with the official `openclaw` organization. The repository name itself is suspicious. Furthermore, the requirement to use a password (`openclaw`) to extract the downloaded ZIP archive is an unusual and risky practice for software distribution, often employed to evade security scans. This combination presents a significant supply chain risk, as the software's origin and integrity cannot be verified, potentially leading to the installation of malicious software. Replace the current download link with a link to an official, verified, and trusted source for the `OpenClawWinDriver`. Ensure the software is distributed without suspicious practices like password-protected archives. Ideally, provide cryptographic hashes for integrity verification. | LLM | SKILL.md:9 |
Scan History
Embed Code
[](https://skillshield.io/report/897496c5bdc20052)
Powered by SkillShield