Oathe Security Badge

Is Art-of-Technology/anti-fraud-skill safe?

https://github.com/Art-of-Technology/anti-fraud-skill

94
SAFE

This skill provides comprehensive, legitimate educational documentation about implementing anti-fraud and bot detection systems for user registration flows. No malicious code or behavior was detected - the skill contains only markdown documentation with TypeScript/JavaScript code examples for educational purposes.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 90/100 · 25%
Code Execution 98/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 95/100 · 5%

Findings (2)

INFO Canary File Access During Installation -10

Monitoring detected access to sensitive canary files (.env, SSH keys, AWS credentials) during the installation process, though timing indicates this was from the monitoring system setup rather than the skill itself.

INFO Complex Technical Documentation -5

Skill contains comprehensive technical documentation about fraud detection systems which, while legitimate, is complex enough that components could theoretically be misused out of context.