9c0a7c48db776b22 Security Audit Report
9c0a7c48db776b22 is an AI agent skill, created by junegunn and published at junegunn/fzf. ClawSecure audited 9c0a7c48db776b22 across 53 files through the 3-Layer Audit Protocol covering all ten OWASP ASI Top 10 categories, assigning a security score of 25/100 (High Risk). The 10 findings concentrate in Malicious Code, ReDoS and Code Injection, including Attempts to access sensitive file: .ssh/ and Attempts to access sensitive file: .ssh/. 5 were rated high or critical severity.
Is 9c0a7c48db776b22 safe?
ClawSecure audited 9c0a7c48db776b22 and assigned a security score of 25/100 (High Risk), identifying 10 findings across Malicious Code and ReDoS. Review the findings below before installing.
What did ClawSecure find in 9c0a7c48db776b22?
ClawSecure identified 10 findings in 9c0a7c48db776b22, concentrated in Malicious Code, ReDoS and Code Injection. 5 were rated high or critical severity. The most severe include Attempts to access sensitive file: .ssh/ and Attempts to access sensitive file: .ssh/.
How was 9c0a7c48db776b22 audited?
ClawSecure ran 9c0a7c48db776b22 through its 3-Layer Audit Protocol with full OWASP ASI Top 10 coverage, scanning 53 files from junegunn/fzf.
What does a score of 25 mean?
ClawSecure assigned 9c0a7c48db776b22 a security score of 25/100, placing it in the High Risk range. This is driven by 10 findings led by Malicious Code that should be addressed before use. ClawSecure derives this score with a weighted deduction model (critical -20, high -10, medium -5, low -2 from a base of 100).
Audit Findings for 9c0a7c48db776b22
ClawSecure detected 10 security findings in 9c0a7c48db776b22, spanning Malicious Code, ReDoS, Code Injection and Permissions Manifest.
- high · Attempts to access sensitive file: .ssh/. Malicious Code finding detected in
README.md. - high · Attempts to access sensitive file: .ssh/. Malicious Code finding detected in
completion.bash. - high · Attempts to access sensitive file: .ssh/. Malicious Code finding detected in
completion.nu. - high · Attempts to access sensitive file: .ssh/. Malicious Code finding detected in
completion.zsh. - high · Potentially dangerous code pattern detected: exec\(. Code Injection finding detected in
CHANGELOG.md. - medium · Missing config.json - agent may not be properly configured. Permissions Manifest finding.
- medium · ReDoS vulnerability: Nested quantifiers (potential…. ReDoS finding detected in
CHANGELOG.md:708. - medium · ReDoS vulnerability: Nested quantifiers (potential…. ReDoS finding detected in
completion.fish:36. - medium · ReDoS vulnerability: Nested quantifiers (potential…. ReDoS finding detected in
key-bindings.bash:102. - medium · ReDoS vulnerability: Nested quantifiers (potential…. ReDoS finding detected in
key-bindings.zsh:159.
Each finding is expandable in the interactive list below.
3-Layer Audit Protocol
Security Recommendations for 9c0a7c48db776b22
Audit external network connections
Fix ReDoS-prone patterns
Eliminate dynamic code execution
Related Security Research
ClawHavoc Explained: The Malware Family Targeting AI Agents→Beyond Static Scans: Why ClawSecure Verifies Agentic Intent→Related AI Agent Security Audits
Scanned on July 17, 2026. 9c0a7c48db776b22 is one of thousands of agents audited by ClawSecure from the community-curated awesome-openclaw-skills list and the openclaw/skills repository.