Skill Trust Decision

PathClaw

Medical pathology diagnosis skill with hardcoded external IP address, shell execution via curl not explicitly declared, and user file upload to an unverified remote server.

Install decision first
Source: Manual upload
Scanned: Apr 3, 2026
Files 1
Artifacts 5
Violations 1
Findings 4
Most direct threat evidence
High
Hardcoded External IP Address

The skill connects to a hardcoded IP address (119.91.47.20) instead of a domain name. This prevents SSL certificate verification and server identity validation, making the skill vulnerable to man-in-the-middle attacks.

SKILL.md:7

Why this conclusion was reached

3/4 dimensions flagged
Block
Declared vs actual capability

1 undeclared or violating capability was inferred.

Block
Hidden execution and egress

1 high-risk artifact or egress signal was extracted.

Block
Attack chain and severe findings

The report includes 0 attack-chain steps and 1 severe finding.

Review
Dependencies and supply chain hygiene

Dependency information is incomplete, so supply-chain confidence stays limited.

What drove the risk score up

Hardcoded external IP address +20

Skill connects to http://119.91.47.20:8111/ without domain verification or SSL pinning

Undeclared shell execution +15

SKILL.md documents curl commands implying shell:WRITE, but this is not explicitly declared in capability requirements

File upload to external IP +10

User pathology images (.svs) uploaded to hardcoded external IP without documented data retention policy

No malicious code found -10

Only SKILL.md present; no implementation scripts to analyze for hidden behavior

Most important evidence

High

Hardcoded External IP Address

The skill connects to a hardcoded IP address (119.91.47.20) instead of a domain name. This prevents SSL certificate verification and server identity validation, making the skill vulnerable to man-in-the-middle attacks.

SKILL.md:7
Replace with a proper domain name with a valid TLS certificate
Medium

Undeclared Shell Execution

The skill documents curl commands which require shell:WRITE execution, but the SKILL.md does not explicitly declare this capability requirement.

SKILL.md:15
Document shell:WRITE as a required capability in the SKILL.md header
Medium

Medical Image Upload to External Server

User-provided pathology slide images (.svs files) are uploaded to an external IP without documented data handling, retention, or privacy policies.

SKILL.md:35
Add data handling documentation and ensure compliance with medical data privacy requirements
Low

No SSL/TLS Verification Documentation

The skill does not document whether SSL certificate verification is performed on API connections.

SKILL.md:7
Use HTTPS and document TLS verification behavior

Declared capability vs actual capability

Network: Pass
Declared: READ
Inferred: READ
SKILL.md describes API calls to external server

Shell: Block
Declared: NONE
Inferred: WRITE
SKILL.md:15-50 - curl commands require shell execution

Suspicious artifacts and egress

High IP Address
119.91.47.20

SKILL.md:7

Medium External URL
http://119.91.47.20:8111/

SKILL.md:7

Medium External URL
http://119.91.47.20:8111/api/user/login

SKILL.md:22

Medium External URL
http://119.91.47.20:8111/api/v1/diagnosis/run

SKILL.md:44

Medium External URL
http://119.91.47.20:8111/api/v1/diagnosis/

SKILL.md:56

Dependencies and supply chain

There are no structured dependency warnings.

File composition

1 file · 115 lines
Markdown 1 file · 115 lines
Files of concern · 1
SKILL.md Markdown · 115 lines
Hardcoded External IP Address · Undeclared Shell Execution · Medical Image Upload to External Server · No SSL/TLS Verification Documentation · 119.91.47.20 · http://119.91.47.20:8111/ · http://119.91.47.20:8111/api/user/login · http://119.91.47.20:8111/api/v1/diagnosis/run · http://119.91.47.20:8111/api/v1/diagnosis/

Security positives

Comprehensive error handling documented (retry with exponential backoff)
Token masking requirements documented for security
File format validation before upload
Clear status code handling documented
No base64-encoded payloads or obfuscated code found