Is technical-analyst safe?

https://clawhub.ai/Veeramanikandanr48/technical-analyst

88
SAFE

This skill is a benign technical analysis tool for financial charts. It contains only markdown documentation and JSON metadata with no executable code, no external network references, no credential access attempts, and no prompt injection techniques. The skill instructs the agent to read its own bundled reference files and write analysis reports locally. The only notable observations are standard platform installer behavior during installation and minor behavioral concerns about the rigid workflow prescription.

Category Scores

Prompt Injection 85/100 · 30%
Data Exfiltration 95/100 · 25%
Code Execution 95/100 · 20%
Clone Behavior 85/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 75/100 · 5%

Findings (6)

LOW Skill prescribes specific agent persona -5

The skill assigns the agent a 'Claude Technical Analyst' identity and prescribes rigid workflow steps. While this is standard for domain skills, it mildly constrains the agent's default behavior patterns.

LOW Skill instructs file writes to working directory -10

The skill instructs the agent to save analysis reports as markdown files with a specific naming convention. This is expected behavior but represents file creation outside the skill directory.

INFO Installer accessed user profile and credential files -15

During installation, the platform's installer framework accessed .env, .aws/credentials, .profile, .bashrc, and .openclaw/ configuration files. This appears to be standard platform behavior (the openclaw/clawhub runtime initialization), not skill-initiated file access. The skill itself contains no code that could trigger these reads.

INFO No exfiltration vectors detected -5

The skill contains no URLs, API endpoints, network calls, or data encoding mechanisms. All operations are local file reads (within skill directory) and local file writes (markdown reports).

INFO No executable content in skill files -5

All skill files are markdown documentation or JSON metadata. No scripts, binaries, or executable code of any kind.

LOW Financial analysis could be misinterpreted as investment advice -25

Users may treat AI-generated technical analysis as actionable investment advice despite the included disclaimer. This is a usage/liability concern rather than a security vulnerability.