type-design-analyzer

Fail

Audited by Gen Agent Trust Hub on Feb 13, 2026

Risk Level: HIGH (COMMAND_EXECUTION, DATA_EXFILTRATION)
Full Analysis

================================================================================

🔴 VERDICT: HIGH

This skill defines an agent for analyzing TypeScript type design. The skill's instructions are purely descriptive and do not contain any direct malicious patterns, obfuscation, or attempts at prompt injection within its own definition. However, the skill explicitly declares Bash, Read, Glob, and Grep in its allowed-tools list. These tools grant the agent significant capabilities:

  • Bash: Allows the agent to execute arbitrary shell commands. This is a high-risk capability as it can be leveraged for command injection, system modification, or launching other attacks if the agent is given a malicious prompt.
  • Read, Glob, Grep: Allow the agent to read and search files on the file system. When combined with Bash, this creates a direct path for data exfiltration, where sensitive files could be read and then sent to an external server via a curl or wget command executed through Bash.

While these tools might be necessary for the skill's stated purpose (e.g., running static analysis tools or linters via Bash, or reading code files), their inclusion elevates the risk profile significantly. A malicious user prompt could exploit these capabilities to compromise the system or exfiltrate data.

Total Findings: 2

🔴 HIGH Findings:

  • Arbitrary Command Execution
      • SKILL.md:1: The allowed-tools list includes Bash, which enables the agent to execute arbitrary shell commands. This poses a significant risk for command injection and system compromise if a malicious prompt is provided.
  • Potential Data Exfiltration
      • SKILL.md:1: The allowed-tools list includes Read, Glob, Grep, and Bash. This combination allows the agent to read arbitrary files from the file system and exfiltrate their contents using shell commands, if prompted maliciously.

ℹ️ TRUSTED SOURCE References:

  • https://github.com/openclaw/skills/commit/984db01ac6d5128b3b6764187cde8f7566cae2a6
      • _meta.json:7: The commit reference points to a trusted GitHub organization (openclaw). This is an informational reference and does not impact the overall security verdict.

================================================================================

Recommendations
  • AI detected serious security threats
  • Contains 1 malicious URL(s) - DO NOT USE

Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 13, 2026, 09:44 AM