Is data-reconciliation-exceptions safe?

https://clawhub.ai/KOwl64/data-reconciliation-exceptions

Score: 95 · SAFE

This is a benign documentation-only skill for data reconciliation and exception reporting. It contains no executable code, no external references, no prompt injection attempts, and no data exfiltration vectors. The skill consists entirely of markdown methodology guides and a CSV template. The only notable consideration is that its legitimate use involves processing sensitive PII (payroll and driver licence data).

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 97/100 · 25%
Code Execution 100/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 80/100 · 5%

Findings (3)

INFO Skill handles sensitive PII by design -5

The skill's core purpose involves processing payroll numbers, driver licence numbers, driver card numbers, and employee names. While this is legitimate for data reconciliation, users should be aware that activating this skill will involve loading PII into the agent's context window.

LOW Prescriptive workflow may over-constrain agent -5

The skill defines a rigid 7-step workflow with specific key priority ordering (Pay Number > Driver Card > Driving Licence > DQC) and mandatory STOP gates. While these are legitimate safety measures for data reconciliation, the prescriptive nature could mildly constrain agent flexibility for edge cases not anticipated by the skill author.

INFO Platform reads sensitive config files during install -5

The filesystem monitoring shows the openclaw platform (not the skill itself) reading .env, .aws/credentials, .openclaw/openclaw.json, and .profile/.bashrc during the install process. These are platform-level operations, not skill-initiated, but are noted for completeness.