Security Audit

TreasureProject/aifrens-openclaw-skill:root

github.com/TreasureProject/aifrens-openclaw-skill

AI SkillCommit 495c58c37798

TRUSTED

Scanned 12 days ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

TreasureProject/aifrens-openclaw-skill:root received a trust score of 93/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.

SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Unpinned npm dependency version.

The analysis covered 4 layers: dependency_graph, llm_behavioral_safety, static_code_analysis, manifest_analysis. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 8, 2026 (commit 495c58c3). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

93%

LLM Behavioral Safety

100%

Security Findings1

Severity	Finding	Layer	Location
MEDIUM	Unpinned npm dependency version Dependency 'viem' is not pinned to an exact version ('^2.45.1'). Pin dependencies to exact versions to reduce drift and supply-chain risk.	Unknown	/tmp/skillscan-clone-1udgk8so/repo/package.json

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/437096c3a9147eeb.svg)](https://skillshield.io/report/437096c3a9147eeb)