Is abhi1693/openclaw-mission-control safe?

https://github.com/abhi1693/openclaw-mission-control

78
CAUTION

This repository is misrepresented as a skill but actually contains a complete OpenClaw Mission Control web application with significant system requirements and attack surface. While the code appears professionally written and legitimate, installing it as a 'skill' would be inappropriate and potentially disruptive.

Category Scores

Prompt Injection 100/100 · 30%
Data Exfiltration 85/100 · 25%
Code Execution 30/100 · 20%
Clone Behavior 90/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 40/100 · 5%

Findings (4)

HIGH Misrepresentation as skill -50

This repository contains a complete OpenClaw Mission Control web application (frontend, backend, database, Docker) but is being presented as a simple skill. The SKILL.md file is completely empty, providing no actual skill functionality.

MEDIUM Excessive code execution surface -70

Installing this 'skill' would actually install a complete web application with significant system access, database migrations, and server processes - far beyond typical skill scope.

LOW Canary file access -15

Multiple sensitive canary files were accessed during monitoring, though no exfiltration was detected.

INFO Install failure -10

Installation failed due to existing directory, but repository was successfully cloned and analyzed.