Question 1

How does SkillRisk protect against OpenClaw threats like ClawHavoc?

Accepted Answer

SkillRisk was built with OpenClaw security as a core focus. We scan SKILL.md files, hook scripts, and MCP configurations for the exact attack patterns used in ClawHavoc — embedded curl exfiltration, AMOS stealer payloads, and hidden command execution. With 1,184 malicious skills found on ClawHub and CVE-2026-25253 (CVSS 8.8) still impacting OpenClaw, scanning before installation is essential.

Question 2

Does SkillRisk detect MCP server vulnerabilities like SSRF?

Accepted Answer

Yes. BlueRock Security found that 36.7% of MCP servers are potentially vulnerable to server-side request forgery (SSRF). SkillRisk scans MCP server configurations for SSRF patterns, command injection via server args, known malicious endpoints, and overly permissive configurations that could be exploited in agentic AI deployments.

Question 3

Are my skill files uploaded to your servers?

Accepted Answer

No. SkillRisk runs 100% in your browser. Your code never leaves your device — all scanning is performed client-side using our security rule engine. No data is uploaded, stored, or transmitted to any server.

Question 4

What AI agent supply chain attacks does SkillRisk detect?

Accepted Answer

SkillRisk detects multiple supply chain attack vectors including ClawHavoc-style SKILL.md payload injection, malicious postinstall scripts, compromised MCP server endpoints, hidden network exfiltration commands, credential theft patterns (AMOS stealer), and CVE-2026-2256 unsanitized shell execution vulnerabilities. Our 646+ security rules cover the full spectrum of AI agent supply chain threats identified in the IBM 2026 X-Force Threat Index.

Question 5

What file formats does SkillRisk support?

Accepted Answer

You can upload a .zip of your skill folder. We specifically analyze SKILL.md, settings.json, .mcp.json, and any referenced .sh or .js hook scripts used by OpenClaw, Claude Code, Cursor, Windsurf, and other AI coding agents.

Security Research Blog

Latest Articles