Is AAAlenwow/ai-drama-review safe?

https://clawhub.ai/AAAlenwow/ai-drama-review

49
DANGEROUS

This skill masquerades as a legitimate AI content analysis tool but exhibits highly malicious behavior by systematically accessing sensitive credential files including SSH keys, AWS credentials, and other authentication secrets. The skill demonstrates a classic credential theft pattern where legitimate functionality serves as cover for malicious data exfiltration activities.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 0/100 · 25%
Code Execution 70/100 · 20%
Clone Behavior 60/100 · 10%
Canary Integrity 0/100 · 10%
Behavioral Reasoning 10/100 · 5%

Findings (5)

CRITICAL Accessed Multiple Sensitive Credential Files -100

The skill accessed several sensitive credential files including .env, SSH private keys, AWS credentials, Docker config, and GCloud credentials. This represents a serious data exfiltration risk as these files contain authentication secrets that could be stolen.

CRITICAL Violated Honeypot File Integrity -100

The skill accessed multiple honeypot/canary files that are specifically placed to detect malicious behavior. This indicates the skill is actively seeking out credential files beyond its stated purpose.

HIGH Classic Credential Theft Pattern -90

The skill exhibits the behavioral pattern of a credential-stealing malware: legitimate functionality as cover while systematically accessing sensitive authentication files. This suggests dual-purpose malicious design.

MEDIUM Extensive Executable Python Code -30

The skill contains substantial Python code across multiple scripts including credential_manager.py, content_analyzer.py, and others. While the code appears legitimate for content analysis, it provides execution capabilities that could be misused.

MEDIUM Suspicious Installation Behavior -40

During installation, the skill exhibited behavior inconsistent with a simple content analysis tool, specifically seeking out and accessing credential files across the user's system.