ratemyclaw Security Report — Low Risk | ClawSafe

25 /100

ratemyclaw

Score your OpenClaw agent setup against similar agents

This is a legitimate workspace-scoring tool with transparent data handling. The main concern is unpinned dependencies and unverified model downloads, but no malicious behavior or credential theft was found.

Skill Nameratemyclaw

Duration37.1s

Enginepi

✓

Safe to install

Pin sentence-transformers to a specific version and consider adding model hash verification for production use.

Findings 3 items

Severity	Finding	Location
Medium	Unpinned sentence-transformers dependency Supply Chain SKILL.md instructs `pip install sentence-transformers` without version pinning. This allows a malicious version to be installed in the future. `pip install sentence-transformers` → Pin to a specific version: pip install sentence-transformers==2.7.0	`SKILL.md:42`
Low	Model download without integrity verification Supply Chain The script downloads the all-MiniLM-L6-v2 model (~80MB) from HuggingFace Hub without hash verification. If the model server is compromised, a malicious model could be executed locally. `model = SentenceTransformer(EMBEDDING_MODEL)` → Add model hash verification: SentenceTransformer(EMBEDDING_MODEL, model_kwargs={'cache_dir': cache, 'use_safetensors': True})	`scripts/submit_profile.py:95`
Low	Scans .secrets directory for file names Sensitive Access The script scans the .secrets directory and records file names. While it does NOT read secret contents (only names), this could reveal existence of credentials to an external service. `elif subdir == '.secrets': signals['secrets'] = [f.name for f in items]` → This is documented behavior and reasonable for the use case. No action required.	`scripts/profile_generator.py:227`

Resource	Declared	Inferred	Status	Evidence
Filesystem	`READ`	`READ`	✓ Aligned	profile_generator.py scans workspace with read-only operations
Network	`WRITE`	`WRITE`	✓ Aligned	submit_profile.py makes POST requests to ratemyclaw.com
Shell	`NONE`	`NONE`	—	No subprocess or shell execution found
Environment	`READ`	`READ`	✓ Aligned	Reads RATEMYCLAW_API_KEY from os.environ
Skill Invoke	`NONE`	`NONE`	—	No skill invocation detected
Clipboard	`NONE`	`NONE`	—	No clipboard access found

3 findings

🔗

Medium External URL 外部 URL

https://ratemyclaw.com**

README.md:7

🔗

Medium External URL 外部 URL

https://huggingface.co/sentence-transformers/all-MiniLM-L6-v2

README.md:22

🔗

Medium External URL 外部 URL

https://ratemyclaw.com

SKILL.md:7

File Tree

5 files · 39.5 KB · 1147 lines

Python 2f · 732L JSON 1f · 259L Markdown 2f · 156L

├─ ▾ 📁 references

│ └─ 📋 taxonomy.json JSON 259L · 4.6 KB

├─ ▾ 📁 scripts

│ ├─ 🐍 profile_generator.py Python 539L · 22.6 KB

│ └─ 🐍 submit_profile.py Python 193L · 6.3 KB

├─ 📝 README.md Markdown 63L · 2.2 KB

└─ 📝 SKILL.md Markdown 93L · 3.8 KB

Dependencies 1 items

Package	Version	Source	Known Vulns	Notes
`sentence-transformers`	`*`	pip	No	Version not pinned - supply chain risk

Security Positives

✓ Embedding generation happens locally - raw text never leaves the machine

✓ API key is protected with chmod 600 after creation

✓ No raw file contents are transmitted, only taxonomy tags

✓ User confirmation is required before generating API key

✓ No shell execution (subprocess) detected

✓ No credential theft beyond the tool's own API key

✓ No base64 encoding, obfuscation, or suspicious patterns

✓ Good documentation with clear data flow explanation

✓ Secrets directory scanning only records names, not contents

Scan Report

Findings 3 items

File Tree

Dependencies 1 items

Security Positives