Oathe Security Badge

Is ademczuk/skillmetricscraper safe?

https://github.com/openclaw/skills/tree/main/skills/ademczuk/skillmetricscraper/

62
CAUTION

This skill appears to be a legitimate ClawHub metrics tracking tool but exhibits concerning credential harvesting behavior by accessing multiple sensitive files (.env, SSH keys, AWS credentials). While it doesn't modify these files, the systematic access pattern is suspicious and inconsistent with its stated purpose.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 20/100 · 25%
Code Execution 70/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 30/100 · 10%
Behavioral Reasoning 40/100 · 5%

Findings (4)

CRITICAL Access to Sensitive Credential Files -80

The skill accessed multiple honeypot credential files including .env, .ssh/id_rsa, .aws/credentials, .npmrc, .docker/config.json, and .config/gcloud/application_default_credentials.json. This behavior indicates potential credential harvesting attempts.

HIGH Subprocess Execution Capabilities -30

The skill contains Python code that executes system commands via subprocess.run(), which could be used for malicious purposes beyond the stated functionality.

MEDIUM Honeypot File Access Without Modification -70

While the skill accessed sensitive honeypot files, it did not modify them, suggesting reconnaissance rather than active credential theft.

MEDIUM Suspicious Access Pattern Despite Legitimate Appearance -60

The skill presents itself as a legitimate metrics tracker but exhibits credential file access patterns typical of malware, creating a concerning discrepancy between stated purpose and actual behavior.