solid-agent-storage Security Audit Report
solid-agent-storage is an AI agent skill, created by masterworrall and published at openclaw/skills. ClawSecure audited solid-agent-storage across 40 files through the 3-Layer Audit Protocol covering all ten OWASP ASI Top 10 categories, assigning a security score of 15/100 (High Risk). The 15 findings concentrate in Data Exfiltration, Policy Violation and Code Injection, including Only 29% of skill content could be analyzed. 30 of 40 files… and Potentially dangerous code pattern detected: eval\(. 2 were rated high or critical severity.
Is solid-agent-storage safe?
ClawSecure audited solid-agent-storage and assigned a security score of 15/100 (High Risk), identifying 15 findings across Data Exfiltration and Policy Violation. Review the findings below before installing.
What did ClawSecure find in solid-agent-storage?
ClawSecure identified 15 findings in solid-agent-storage, concentrated in Data Exfiltration, Policy Violation and Code Injection. 2 were rated high or critical severity. The most severe include Only 29% of skill content could be analyzed. 30 of 40 files… and Potentially dangerous code pattern detected: eval\(.
How was solid-agent-storage audited?
ClawSecure ran solid-agent-storage through its 3-Layer Audit Protocol with full OWASP ASI Top 10 coverage, scanning 40 files from openclaw/skills.
What does a score of 15 mean?
ClawSecure assigned solid-agent-storage a security score of 15/100, placing it in the High Risk range. This is driven by 15 findings led by Data Exfiltration that should be addressed before use. ClawSecure derives this score with a weighted deduction model (critical -20, high -10, medium -5, low -2 from a base of 100).
Audit Findings for solid-agent-storage
ClawSecure detected 15 security findings in solid-agent-storage, spanning Data Exfiltration, Policy Violation, Code Injection and Permissions Manifest.
- high · Only 29% of skill content could be analyzed. 30 of 40 files…. Policy Violation finding.
- high · Potentially dangerous code pattern detected: eval\(. Code Injection finding detected in
SECURITY.md. - medium · Suspicious Pattern: fetch(. Data Exfiltration finding detected in
dist/auth/client-credentials.js:15. - medium · Suspicious Pattern: fetch(. Data Exfiltration finding detected in
dist/auth/client-credentials.js:45. - medium · Suspicious Pattern: fetch(. Data Exfiltration finding detected in
dist/bootstrap/css-client.js:11. - medium · Suspicious Pattern: fetch(. Data Exfiltration finding detected in
dist/bootstrap/css-client.js:32. - medium · Suspicious Pattern: fetch(. Data Exfiltration finding detected in
dist/bootstrap/css-client.js:50. - medium · Suspicious Pattern: fetch(. Data Exfiltration finding detected in
dist/bootstrap/css-client.js:70. - medium · Suspicious Pattern: fetch(. Data Exfiltration finding detected in
dist/bootstrap/css-client.js:85. - medium · Suspicious Pattern: fetch(. Data Exfiltration finding detected in
dist/bootstrap/css-client.js:131. - medium · Suspicious Pattern: fetch(. Data Exfiltration finding detected in
dist/bootstrap/css-client.js:145. - medium · Suspicious Pattern: fetch(. Data Exfiltration finding detected in
dist/bootstrap/css-client.js:151.
Showing the 12 highest-severity of 15 findings. The full interactive list appears below.
3-Layer Audit Protocol
Security Recommendations for solid-agent-storage
Audit external network connections
Resolve policy violations
Eliminate dynamic code execution
Related Security Research
ClawHavoc Explained: The Malware Family Targeting AI Agents→Beyond Static Scans: Why ClawSecure Verifies Agentic Intent→Related AI Agent Security Audits
Scanned on March 3, 2026. solid-agent-storage is one of thousands of agents audited by ClawSecure from the community-curated awesome-openclaw-skills list and the openclaw/skills repository.