Oathe Security Badge

Is ClaireAICodes/openclaw-skill-paragraph safe?

https://github.com/ClaireAICodes/openclaw-skill-paragraph

94
SAFE

The OpenClaw Paragraph skill appears to be a legitimate integration for the Paragraph.com Web3 blogging platform. No malicious code, prompt injection attempts, or unauthorized file access was detected during analysis.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 90/100 · 25%
Code Execution 95/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 85/100 · 5%

Findings (3)

MEDIUM API Credentials Required -5

Skill requires PARAGRAPH_API_KEY and publication configuration in environment variables, which could provide access to user's blogging platform

LOW External API Communication -5

Makes HTTP requests to external paragraph.com API endpoints which is expected functionality but represents data leaving the system

INFO Install Directory Conflict -5

Installation failed because target directory already existed, indicating potential multiple install attempts