Is 1kalin/afrexai-investor-update safe?
https://github.com/openclaw/skills/tree/main/skills/1kalin/afrexai-investor-update
This is a benign instructional skill consisting entirely of markdown templates and writing guidelines for generating investor updates. It contains no executable code, no data exfiltration mechanisms, and no prompt injection techniques. The only notable finding is a promotional marketing footer with links to paid products on external domains, which is a minor commercial concern rather than a security risk.
Category Scores
Findings (4)
LOW Promotional external URLs in SKILL.md -10 ▶
The skill contains a marketing footer with links to paid products on afrexai-cto.github.io (Context Packs at $47, bundles up to $247, AI Revenue Calculator, Agent Setup Wizard). While these are presented as user-facing recommendations and do not instruct the agent to fetch them, they inject commercial content into the agent's system prompt context.
INFO Skill encourages sharing sensitive financial data -5 ▶
By design, this skill asks users to provide sensitive business metrics (revenue, MRR/ARR, burn rate, cash position, runway). This data will exist in the conversation context. This is inherent to the skill's purpose and not a vulnerability, but users should be aware that sensitive financial information will be processed.
INFO Minor unattributed network connections during install -5 ▶
Network connections to AWS IPs (3.217.42.175:443, 44.220.240.236:443) were observed during installation. These are most likely npm registry or GitHub infrastructure endpoints and are consistent with a standard git clone operation. No suspicious payloads or unexpected destinations were detected.
INFO Lock file references another skill 0 ▶
The .clawhub/lock.json file references 'academic-research-hub' skill version 0.1.0. This is metadata from the skill registry and does not create a dependency or chaining risk. The referenced skill is not loaded or executed by this skill.