install-shared-skill

Fail

Audited by Socket on Mar 17, 2026

3 alerts found:

Obfuscated File (x2), Security

Obfuscated File (HIGH)
tools/install_shared_skill.js

This script poses a significant security risk due to command injection: untrusted CLI input is directly interpolated into a shell command executed with child_process.exec. While the file itself does not contain obvious backdoors, network exfiltration, or obfuscated code, the injection vulnerability allows arbitrary command execution, which can lead to full system compromise. Recommend immediate remediation: stop using exec with interpolated input, switch to execFile/spawn with argument arrays or implement strict validation/whitelisting of skillName, and validate OPENCLAW_WORKSPACE if used.

Confidence: 98%
Obfuscated File (HIGH)
tools/install_skill.js

This script poses a significant security risk due to command injection: untrusted CLI input is directly interpolated into a shell command executed with child_process.exec. While the file itself does not contain obvious backdoors, network exfiltration, or obfuscated code, the injection vulnerability allows arbitrary command execution, which can lead to full system compromise. Recommend immediate remediation: stop using exec with interpolated input, switch to execFile/spawn with argument arrays or implement strict validation/whitelisting of skillName, and validate OPENCLAW_WORKSPACE if used.

Confidence: 98%
Security (MEDIUM)
SKILL.md

SUSPICIOUS: the CLI source is plausibly official, but the skill is internally inconsistent about shared vs workspace install and primarily serves to install other unreviewed skills from a public registry. Main risk is transitive trust and unpinned public skill installation, not confirmed credential theft or malware.

Confidence: 88%
Severity: 74%

Audit Metadata

Analyzed At: Mar 17, 2026, 07:19 PM
Package URL: pkg:socket/skills-sh/LJT-520%2FopenClaw-backup%2Finstall-shared-skill%2F@41adf9688bc77ac323b238dfaab6bffa40213cb9