Is acastellana/genlayer-dev safe?

https://github.com/openclaw/skills/tree/main/skills/acastellana/genlayer-dev

Overall score: 95 · SAFE

The acastellana/genlayer-dev skill is a documentation-only GenLayer Intelligent Contracts developer reference with no executable code, no install hooks, and no prompt injection patterns. Installation performed a clean git sparse-checkout from GitHub with no unexpected network connections or filesystem side effects. Sensitive file reads observed in monitoring are conclusively attributed to the audit framework's own bootstrap and verification processes, not to the skill; all canary files were confirmed intact.

Category Scores

Prompt Injection 96/100 · 30%
Data Exfiltration 90/100 · 25%
Code Execution 98/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 92/100 · 5%

Findings (3)

INFO Sensitive File Reads Detected — Attributed to Audit Infrastructure -10

Inotify and auditd monitoring recorded OPEN/ACCESS events on six sensitive files (.env, .ssh/id_rsa, .aws/credentials, .npmrc, .docker/config.json, .config/gcloud/application_default_credentials.json) at two points: before the git clone (audit timestamp 1771736323, corresponding to the sudo bootstrap process) and after installation (audit timestamp 1771736340, corresponding to the post-install canary verification step). The skill itself contains no executable code. All reads are CLOSE_NOWRITE, confirming no modification. Canary integrity system independently confirms all files intact.

INFO External Documentation URLs in SKILL.md Links Section -4

SKILL.md includes a Links section referencing docs.genlayer.com, sdk.genlayer.com, studio.genlayer.com, and github.com/genlayerlabs. These are standard developer documentation references with no instruction for the agent to fetch or follow them. No injection vector.

INFO Extensive Python Code Examples in Documentation -2

SKILL.md contains numerous Python smart contract code blocks illustrating GenLayer patterns. These are clearly scoped as user-facing templates (using gl.Contract base class, @gl.public decorators, GenLayer-specific types) and are not executed during skill injection or agent operation.