skill-auditor

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (PROMPT_INJECTION, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION)
Full Analysis
  • PROMPT_INJECTION (HIGH): The reference files (known-patterns.md, prompt-injection-patterns.md) contain hundreds of active prompt injection and jailbreak strings. If an LLM reads these without strict isolation, it may inadvertently obey instructions like 'ignore all safety rules'.
  • REMOTE_CODE_EXECUTION (HIGH): The skill relies on 'scripts/audit_skill.py' which is not included in the package. The 'quarantine.sh' script executes this missing file using 'python3', creating an unverifiable execution path.
  • COMMAND_EXECUTION (MEDIUM): The 'quarantine.sh' script uses shell commands like 'cp -r' and 'rm -rf' on production paths based on the output of an unverified script.
  • INDIRECT_PROMPT_INJECTION (HIGH): 1. Ingestion: 'quarantine.sh' processes external skill directories. 2. Boundary markers: None identified. 3. Capability inventory: Write access to production directories and script execution. 4. Sanitization: Absent.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 02:54 PM