Oathe Security Badge

Is Charpup/openclaw-task-workflow safe?

https://github.com/Charpup/openclaw-task-workflow

86
SAFE

This OpenClaw task workflow skill appears to be a legitimate task management system with documented functionality. While it accesses sensitive files during audit and executes code during installation, no malicious behavior or data exfiltration was detected.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 80/100 · 25%
Code Execution 75/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 90/100 · 10%
Behavioral Reasoning 85/100 · 5%

Findings (4)

HIGH Canary File Access -20

The skill or audit process accessed sensitive honeypot files including .env, SSH private keys, and AWS credentials. However, file integrity monitoring confirmed no modifications or exfiltration occurred.

MEDIUM Shell Command Execution During Install -25

The skill executes the shell command 'pip3 install pyyaml' during installation to install Python dependencies. While documented and legitimate, this represents a code execution risk.

LOW Complex Python Codebase -10

The skill contains substantial executable Python code for task management functionality. While it appears legitimate, this represents a potential attack surface if the code were modified.

LOW Canary File Access Without Modification -10

Honeypot files were accessed during the audit process but remained unmodified, suggesting system-level access rather than malicious intent.