Security Audit

sundial-org/awesome-openclaw-skills:skills/antigravity-image-gen

github.com/sundial-org/awesome-openclaw-skills

AI SkillCommit 6d998e005da6

CRITICAL

Scanned 27 days ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

sundial-org/awesome-openclaw-skills:skills/antigravity-image-gen received a trust score of 41/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.

SkillShield's automated analysis identified 2 findings: 0 critical, 2 high, 0 medium, and 0 low severity. Key findings include Sensitive path access: AI agent config, Arbitrary file write via user-controlled output path.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on March 3, 2026 (commit 6d998e00). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

85%

Dependency Graph

100%

LLM Behavioral Safety

85%

Behavioral Risk Signals

Filesystem Write

2 findings

Shell Execution

1 finding

Excessive Permissions

2 findings

Security Findings2

Severity	Finding	Layer	Location
HIGH	Sensitive path access: AI agent config Access to AI agent config path detected: '~/.clawdbot/'. This may indicate credential theft. Verify that access to this sensitive path is justified and declared.	Static	skills/antigravity-image-gen/SKILL.md:8
HIGH	Arbitrary file write via user-controlled output path The `scripts/generate.js` skill allows a user to specify an arbitrary `--output` file path. The script then writes the generated image data to this path using `fs.writeFileSync`. A malicious user could specify a path to a critical system file (e.g., `/etc/passwd`, `/root/.ssh/authorized_keys`, `/usr/local/bin/malicious_script`) to overwrite it with image data, potentially leading to denial of service, privilege escalation, or system compromise. Implement strict validation and sanitization of the `outputFile` argument. The script should ensure that the output file is always written within a designated, non-sensitive directory (e.g., `/tmp/clawdbot_images/` or a user-specific temporary directory) and that the user-provided path does not allow directory traversal. A robust solution would be to only allow the user to specify the filename (without path components) or a prefix, and then construct the full, safe path internally. For example, use `path.basename(outputFile)` to extract only the filename from user input and then `path.join()` it with a controlled output directory.	LLM	scripts/generate.js:60

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/b66c44b08a9c6262.svg)](https://skillshield.io/report/b66c44b08a9c6262)