ClawAudit verdict

affiliate-check

affiliate-skills

Score: 45
Tier: 🟠 Risky
Significant concerns — only install if you understand the risks

The setup flow includes 'curl -fsSL https://bun.sh/install | bash' to install Bun if absent, which is a concrete curl-pipe-shell execution pattern that downloads and runs remote code, even though it is gated on user approval and targets a well-known tool.

⚠ Flagged for review — coarse, uncorroborated signal, not a confirmed exploit. Review the config yourself before installing.

Automated static analysis — not a human review. ClawAudit flags capabilities, not confirmed intent, and can produce false positives. Disagree with this verdict? Use Dispute below.

Security: 0
Transparency: 60
Maintenance: 100

Permission integrity

credential_access · Code accesses API keys/tokens but declares no environment variables

agent_memory · Accesses agent memory/configuration files

Findings (13)

Pattern match critical

Possible hardcoded credential

platforms/gemini.md · code · api_key="YOUR_API_KEY

Pattern match critical

<script> tag in markdown — potential code injection

skills/blog/affiliate-blog-builder/references/wordpress-deploy.md · code · <script

Pattern match high

Pipe-to-shell pattern (curl | sh) — supply chain attack vector

SKILL.md · prose · downgraded · curl -fsSL https://bun.sh/install | bash

Pattern match high

Pipe to bash — executes piped content as shell commands

SKILL.md · prose · downgraded · | bash

Pattern match medium

Accesses sensitive environment variables

API.md · code · process.env.AFFITOR_API_KEY

Pattern match medium

Downloads executables from external URLs

scripts/run-evals.sh · prose · downgraded · Install from https://

Pattern match medium

Popular HTTP library — network access

skills/content/viral-post-writer/references/viral-frameworks.md · code · got

Pattern match medium

Instructs covert action — may act without user awareness

skills/blog/content-decay-detector/SKILL.md · prose · downgraded · silently

Pattern match medium

HTTP request to bare IP address — common in malicious payloads

tools/src/cli.ts · prose · downgraded · http://127.0.0.1

Pattern match medium

Uses spawn() — can execute external programs

tools/src/cli.ts · prose · downgraded · spawn(

Pattern match medium

Bun.spawn — spawns subprocess in Bun runtime

tools/src/cli.ts · prose · downgraded · Bun.spawn

Pattern match low

Makes HTTP request to external URL

API.md · code · fetch(`https://

Pattern match low

References agent configuration files

CLAUDE.md · prose · downgraded · CLAUDE.md

Why the tier is capped

Execution sink present in raw bytes (Hard Floor: class A/B). Final tier capped at Caution — cannot be lifted by any downgrade, example-payload opt-in, or allowlist.

Permissions & capabilities

No declared permissions — minimal attack surface.

Detected capabilities: agent_memory, network_in, credential_access
