picoclaw-ai-assistant

github.com/aradotso/trending-skills
Verdict: Do not install
8 critical0 high1 medium
F
SCORE 0 / 100
$skillox install picoclaw-ai-assistantSoon
Sign in to followFollowing emails you when a re-scan drops the grade. Opt-out is per-creator on /account/billing.

Why grade F?

score · 0 / 100

The current grade reflects 8 critical findings (any 2+ CRITs → F).

8 CRIT0 HIGH1 MED0 LOW
To reach a higher grade
  • D
    Reach Dtarget score 30

    Resolve 7 of your 8 CRIT findings — any single CRIT still keeps you at D.

  • C
    Reach Ctarget score 55

    Resolve all 8 CRIT findings.

  • B
    Reach Btarget score 75

    Resolve all 8 CRIT.

  • A
    Reach Atarget score 95

    Resolve all 8 CRIT.

Thresholds are documented at /docs/grading. Source-of-truth is the grade() function in @skillox/scanner.

Latest scan findings

Scan crawl-on2mpqi6wqqijxhxya5l8hb2 · Thu, 28 May 2026 17:12:17 GMT · 3ms

crit
Skill references secret env var $OPENAI_API_KEY
The skill instructions reference `$OPENAI_API_KEY`, which contains a credential. If an attacker can lure the agent into including this in an outbound URL or message, the credential leaks.
rule: env-var-harvestingline: 151CWE-200
149 "model_name": "gpt-4o",
150 "model": "openai/gpt-4o",
151 "api_key": "$OPENAI_API_KEY",references $OPENAI_API_KEY — potential credential leak
152 "request_timeout": 300
153 },
crit
Skill references secret env var $ANTHROPIC_API_KEY
The skill instructions reference `$ANTHROPIC_API_KEY`, which contains a credential. If an attacker can lure the agent into including this in an outbound URL or message, the credential leaks.
rule: env-var-harvestingline: 157CWE-200
155 "model_name": "claude-sonnet",
156 "model": "anthropic/claude-sonnet-4-5",
157 "api_key": "$ANTHROPIC_API_KEY"references $ANTHROPIC_API_KEY — potential credential leak
158 },
159 {
crit
Skill references secret env var $OPENAI_API_KEY
The skill instructions reference `$OPENAI_API_KEY`, which contains a credential. If an attacker can lure the agent into including this in an outbound URL or message, the credential leaks.
rule: env-var-harvestingline: 301CWE-200
299 "model_name": "gpt-4o-mini",
300 "model": "openai/gpt-4o-mini",
301 "api_key": "$OPENAI_API_KEY",references $OPENAI_API_KEY — potential credential leak
302 "request_timeout": 120
303 }
crit
Skill references secret env var $ANTHROPIC_API_KEY
The skill instructions reference `$ANTHROPIC_API_KEY`, which contains a credential. If an attacker can lure the agent into including this in an outbound URL or message, the credential leaks.
rule: env-var-harvestingline: 328CWE-200
326 "model_name": "claude-sonnet",
327 "model": "anthropic/claude-sonnet-4-5",
328 "api_key": "$ANTHROPIC_API_KEY",references $ANTHROPIC_API_KEY — potential credential leak
329 "request_timeout": 600
330 }
crit
Skill references secret env var ${OPENAI_API_KEY}
The skill instructions reference `${OPENAI_API_KEY}`, which contains a credential. If an attacker can lure the agent into including this in an outbound URL or message, the credential leaks.
rule: env-var-harvestingline: 350CWE-200
348 picoclaw-gateway:
349 environment:
350 - OPENAI_API_KEY=${OPENAI_API_KEY}references ${OPENAI_API_KEY} — potential credential leak
351 - ANTHROPIC_API_KEY=${ANTHROPIC_API_KEY}
352 - TAVILY_API_KEY=${TAVILY_API_KEY}
crit
Skill references secret env var ${ANTHROPIC_API_KEY}
The skill instructions reference `${ANTHROPIC_API_KEY}`, which contains a credential. If an attacker can lure the agent into including this in an outbound URL or message, the credential leaks.
rule: env-var-harvestingline: 351CWE-200
349 environment:
350 - OPENAI_API_KEY=${OPENAI_API_KEY}
351 - ANTHROPIC_API_KEY=${ANTHROPIC_API_KEY}references ${ANTHROPIC_API_KEY} — potential credential leak
352 - TAVILY_API_KEY=${TAVILY_API_KEY}
353 - PICOCLAW_GATEWAY_HOST=0.0.0.0
crit
Skill references secret env var $OPENAI_API_KEY
The skill instructions reference `$OPENAI_API_KEY`, which contains a credential. If an attacker can lure the agent into including this in an outbound URL or message, the credential leaks.
rule: env-var-harvestingline: 401CWE-200
399### API key not recognized
400
401- Do not use `"api_key": "sk-..."` literals in config — set env vars and reference them as `"$OPENAI_API_KEY"`.references $OPENAI_API_KEY — potential credential leak
402- Verify the env var is exported in your current shell: `echo $OPENAI_API_KEY`.
403
crit
Skill references secret env var $OPENAI_API_KEY
The skill instructions reference `$OPENAI_API_KEY`, which contains a credential. If an attacker can lure the agent into including this in an outbound URL or message, the credential leaks.
rule: env-var-harvestingline: 402CWE-200
400
401- Do not use `"api_key": "sk-..."` literals in config — set env vars and reference them as `"$OPENAI_API_KEY"`.
402- Verify the env var is exported in your current shell: `echo $OPENAI_API_KEY`.references $OPENAI_API_KEY — potential credential leak
403
404### Docker gateway not reachable from host
med
No capability manifest declared
The skill ships without a `manifest.yaml` or `capabilities` block in its frontmatter. Without a manifest, the runtime cannot enforce what this skill is permitted to do.
rule: no-manifest
View latest scan →
skillox.io/c/picoclaw-ai-assistant