Security Audit
RightNow-AI/openfang:crates/openfang-hands/bundled/browser
github.com/RightNow-AI/openfang
Trust Assessment
RightNow-AI/openfang:crates/openfang-hands/bundled/browser received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 0 high, 0 medium, and 1 low severity. Key findings include Potential for Credential Storage in Memory and Broad Web Access Capability.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 27, 2026 (commit 7bd01856). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| LOW | **Potential for Credential Storage in Memory.** The skill's 'Security Checklist' explicitly instructs the LLM to 'Never store passwords in memory_store'. This instruction highlights the potential for the `memory_store` tool (if available to the LLM) to be used for storing sensitive credentials, which could lead to credential harvesting if the LLM were to deviate from this instruction. While the skill provides a direct mitigation, the underlying capability for sensitive data storage exists. Ensure the LLM strictly adheres to the instruction not to store sensitive credentials in `memory_store`. Implement robust safeguards within the LLM's architecture to prevent it from storing or exfiltrating sensitive data, especially credentials, regardless of skill instructions. | LLM | SKILL.md:89 |
| INFO | **Broad Web Access Capability.** The skill utilizes browser automation tools (`browser_navigate`, `browser_read_page`, `browser_type`, `browser_click`) which inherently grant broad access to arbitrary web content. While the skill includes security advice like 'Verify domain before entering credentials' and 'Check for HTTPS', the underlying capability allows interaction with any website, including potentially malicious ones, if the LLM is instructed to do so or makes an error in navigation. This is an inherent risk of browser automation skills. Users should be aware of the broad web access capabilities and exercise caution when instructing the LLM to interact with unfamiliar websites. The LLM should be designed with strong guardrails to prevent navigation to known malicious sites or interaction with suspicious elements, and to strictly follow the skill's security checklist. | LLM | SKILL.md:70 |