Security Audit

shreefentsar/clawdbot-zoho:root

github.com/shreefentsar/clawdbot-zoho

AI SkillCommit 6d5cece74b5a

TRUSTED

Scanned about 1 month ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

shreefentsar/clawdbot-zoho:root received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.

SkillShield's automated analysis identified 2 findings: 0 critical, 0 high, 2 medium, and 0 low severity. Key findings include Potential Server-Side Request Forgery (SSRF) via external URL download, Arbitrary File Write via user-controlled ZOHO_DATA_DIR.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on March 3, 2026 (commit 6d5cece7). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

86%

Dependency Graph

100%

LLM Behavioral Safety

100%

Behavioral Risk Signals

Network Access

1 finding

Filesystem Write

2 findings

Shell Execution

2 findings

Excessive Permissions

2 findings

Security Findings2

Severity	Finding	Layer	Location
MEDIUM	Potential Server-Side Request Forgery (SSRF) via external URL download The `standup-summarizer.sh` script downloads meeting recordings using a URL (`DOWNLOAD_URL`) obtained from the Zoho API. The `curl -L` command is used, which follows redirects. If a malicious or compromised Zoho API were to return a `downloadUrl` pointing to an internal network resource (e.g., `http://192.168.1.1/admin`) or a local file path (e.g., `file:///etc/passwd`), the `curl` command could be coerced into fetching data from unintended locations. This could lead to Server-Side Request Forgery (SSRF) or data exfiltration from the host system's internal network or local filesystem. Implement URL validation to ensure that `DOWNLOAD_URL` points only to expected Zoho domains before executing the `curl` command. Consider disabling `curl -L` if redirects are not strictly necessary, or restrict `curl` to only allow specific protocols (e.g., `https`).	Static	scripts/standup-summarizer.sh:100
MEDIUM	Arbitrary File Write via user-controlled ZOHO_DATA_DIR The `ZOHO_DATA_DIR` environment variable, which is explicitly marked as `secret: false` in `skill.json`, is used to determine the path for `standup-processed.json`. If an attacker can control this environment variable, they could set it to an arbitrary directory (e.g., `/etc` or `/var/www`). The script would then attempt to create and write files (`standup-processed.json` and its temporary counterpart) in this user-specified location. This could lead to overwriting critical system files, writing to sensitive directories, or consuming disk space in unintended locations, depending on the skill's execution permissions. If `ZOHO_DATA_DIR` must be configurable, ensure the host environment validates and restricts the path to a safe, sandboxed location. Alternatively, mark `ZOHO_DATA_DIR` as `secret: true` and ensure the host environment provides a secure, non-user-controlled default or validated path. If possible, restrict file operations to within the skill's own directory or a dedicated, isolated data directory.	Static	scripts/standup-summarizer.sh:5

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/c732aa2dba8d4571.svg)](https://skillshield.io/report/c732aa2dba8d4571)