Oathe Security Badge

Is Architect-SIS/sis-skill safe?

https://github.com/Architect-SIS/sis-skill

53
CAUTION

This skill raises significant security concerns: it systematically accesses credential files during installation, despite presenting itself as a computational framework for equilibrium reasoning. The substantial executable Python codebase combined with credential scanning behavior indicates potential data exfiltration capabilities.

Category Scores

Prompt Injection 90/100 · 30%
Data Exfiltration 20/100 · 25%
Code Execution 55/100 · 20%
Clone Behavior 75/100 · 10%
Canary Integrity 0/100 · 10%
Behavioral Reasoning 25/100 · 5%

Findings (5)

CRITICAL Multiple credential files accessed -80

The skill accessed sensitive credential files including .env, SSH private keys, AWS credentials, npm configuration, Docker configuration, and Google Cloud credentials during installation.

HIGH Substantial executable Python codebase -45

The skill contains a complex, multi-module Python codebase with VM functionality, symbol execution, and persistence layers that could execute arbitrary operations.

HIGH Behavior inconsistent with documentation -75

While the documentation describes an equilibrium computational framework, the actual behavior includes systematic credential file scanning, which is not mentioned or justified.

MEDIUM Credential scanning during installation -25

The installation process triggered access to multiple credential files, suggesting the skill may perform unauthorized data collection during setup.

LOW Complex technical terminology -10

The skill uses sophisticated technical language about equilibrium systems and computational substrates that could obscure malicious intent from casual review.