FLATSOME MASTER SKILL — AI Web Designer Security Report — Low Risk | ClawSafe

20 /100

FLATSOME MASTER SKILL — AI Web Designer

Converts visual designs to WordPress UXBuilder shortcodes using WP-CLI for WordPress site construction

This is a legitimate WordPress UXBuilder/Flatsome design skill that uses WP-CLI and bash heredocs for WordPress site construction, with no malicious behavior detected, though it has undeclared shell execution and broad filesystem/database permissions.

Skill NameFLATSOME MASTER SKILL — AI Web Designer

Duration33.9s

Enginepi

✓

Safe to install

Approve with monitoring. Declare the shell:WRITE, filesystem:WRITE, and database:WRITE permissions explicitly in the capability model. Consider pinning specific WP-CLI command usage rather than allowing general shell access.

Findings 4 items

Severity	Finding	Location
Low	No permission declaration The SKILL.md does not declare any allowed-tools or capability model permissions. It implicitly requires shell:WRITE (WP-CLI, mkdir, cat), filesystem:WRITE (theme files), and database:WRITE (WordPress posts/options). `# FLATSOME MASTER SKILL — AI Web Designer` → Add a capability declaration section at the top of SKILL.md listing shell, filesystem:WRITE, database:WRITE, and network:READ as required permissions.	`SKILL.md:1`
Info	External URLs present The skill references YouTube video URLs, Google Maps embed, and SVG namespace URLs. These are used for legitimate content embedding and are not exfiltration. `https://www.youtube.com/watch?v=VIDEO_ID` → No action needed - these are standard content embedding patterns.	`SKILL.md:592`
Info	No sensitive path access detected The skill does not access ~/.ssh, ~/.aws, .env, or other sensitive credential paths. WP operations are confined to WordPress directories. `N/A` → No action needed.	`SKILL.md`
Info	No obfuscation or hidden code The entire skill is plain markdown documentation with no base64, eval, or obfuscated content. Code examples are clear and readable. `N/A` → No action needed.	`SKILL.md`

Resource	Declared	Inferred	Status	Evidence
Shell	`NONE`	`WRITE`	✗ Violation	SKILL.md:lines 96-130 (mkdir, cat heredoc, wp theme/plugin/post commands)
Filesystem	`NONE`	`WRITE`	✗ Violation	SKILL.md:lines 96-106 (creates style.css, functions.php via heredoc)
Database	`NONE`	`WRITE`	✗ Violation	SKILL.md:lines 170-230 (wp post create, wp option update, wp plugin activate)
Network	`NONE`	`READ`	✓ Aligned	SKILL.md:lines 592-616,837 (YouTube embeds, Google Maps, media imports from URLs…
Skill Invoke	`NONE`	`READ`	✓ Aligned	SKILL.md is purely a reference skill - no self-invocation detected

7 findings

🔗

Medium External URL 外部 URL

https://www.youtube.com/watch?v=VIDEO_ID

SKILL.md:592

🔗

Medium External URL 外部 URL

https://youtube.com/watch?v=ID1

SKILL.md:602

🔗

Medium External URL 外部 URL

https://youtube.com/watch?v=ID2

SKILL.md:609

🔗

Medium External URL 外部 URL

https://youtube.com/watch?v=ID3

SKILL.md:616

🔗

Medium External URL 外部 URL

https://maps.google.com/maps?q=Ho+Chi+Minh+City&output=embed

SKILL.md:837

🔗

Medium External URL 外部 URL

http://www.w3.org/2000/svg

SKILL.md:1183

📧

Info Email 邮箱地址

[email protected]

SKILL.md:829

File Tree

1 files · 50.5 KB · 1498 lines

Markdown 1f · 1498L

└─ 📝 SKILL.md Markdown 1498L · 50.5 KB

Security Positives

✓ No malicious code patterns (base64, eval, obfuscation) detected

✓ No credential harvesting or exfiltration behavior

✓ No reverse shell or C2 communication patterns

✓ No access to sensitive paths (~/.ssh, ~/.aws, .env)

✓ No curl|bash or wget|sh remote script execution

✓ All code examples are legitimate WordPress/WP-CLI operations

✓ No hidden instructions in HTML comments

✓ Skill behavior aligns with stated purpose (web design via UXBuilder)

Scan Report

Findings 4 items

File Tree

Security Positives