Security Audit
sundial-org/awesome-openclaw-skills:skills/apple-docs
github.com/sundial-org/awesome-openclaw-skills

Trust Assessment
sundial-org/awesome-openclaw-skills:skills/apple-docs received a trust score of 19/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 4 findings: 0 critical, 3 high, 1 medium, and 0 low severity. Key findings include Unsafe deserialization / dynamic eval, Unverified Third-Party Data Source for WWDC Content, Arbitrary URL Fetching via `doc` command.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on March 3, 2026 (commit 6d998e00). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (4)
| Severity | Finding | Description | Recommendation | Layer | Location |
|---|---|---|---|---|---|
| HIGH | Unsafe deserialization / dynamic eval | Decryption followed by code execution. | Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/apple-docs/cli.js:225 |
| HIGH | Unsafe deserialization / dynamic eval | Decryption followed by code execution. | Remove obfuscated code execution patterns. Legitimate code does not need base64-encoded payloads executed via eval, encrypted-then-executed blobs, or dynamic attribute resolution to call system functions. | Manifest | skills/apple-docs/cli.js:239 |
| HIGH | Arbitrary URL Fetching via `doc` command | The `apple-docs doc` command allows the user to specify an arbitrary URL as its argument (`args[0]`). The `getAppleDocContent` function then fetches content from this URL using `fetchJson` or `fetchText`. While the skill is intended to query Apple Developer Documentation, this functionality allows an attacker to instruct the LLM to make the skill fetch data from any accessible URL. This could be used to exfiltrate data from internal network resources, probe for vulnerabilities, or fetch malicious content from an attacker-controlled server. The skill does not validate that the provided URL belongs to `developer.apple.com`. | Implement strict URL validation for the `doc` command. Only allow URLs that match `https://developer.apple.com/documentation/` or other explicitly whitelisted Apple domains. Alternatively, if the intent is to fetch only specific documentation paths, treat the input as a path segment and prepend a fixed base URL. | LLM | cli.js:300 |
| MEDIUM | Unverified Third-Party Data Source for WWDC Content | The skill fetches WWDC video data, topics, and indices from `https://raw.githubusercontent.com/kimsungwhee/apple-docs-mcp/main/data/wwdc/`. This is a personal GitHub repository, which is an unverified third-party source. Reliance on such a source introduces a supply chain risk: if the repository is compromised, taken down, or its content altered, the skill's WWDC functionality could be disrupted or serve malicious data. The `SKILL.md` description also contains a misleading statement ("1,260+ WWDC videos bundled offline") which contradicts the code's actual behavior of fetching from an external URL. | Bundle the WWDC data directly with the skill package as stated in `SKILL.md`, or host it on a trusted, controlled domain. If external fetching is necessary, use a more robust and verified source, or implement content integrity checks (e.g., checksums). | LLM | cli.js:20 |
Full report: https://skillshield.io/report/7eb9748c78148801

Powered by SkillShield