Is ajmwagar/create-dxf safe?
https://github.com/openclaw/skills/tree/main/skills/ajmwagar/create-dxf
The create-dxf skill is a narrow, well-implemented CAD file generator that converts JSON specifications into DXF and SVG manufacturing files using a pure-Python script with no network access, no credential reading, and no code execution primitives. All canary honeypot files remained intact throughout the audit, the SKILL.md contains no prompt injection directives, and the installation process was limited to a standard GitHub sparse checkout. The only notes of interest are audit-framework-internal canary file accesses and pre-existing openclaw-gateway infrastructure connections, neither of which is attributable to the skill.
Category Scores
Findings (5)
INFO All canary files intact — no exfiltration 0 ▶
All honeypot credential files were confirmed unmodified at audit completion.
INFO SKILL.md contains no injection directives 0 ▶
The skill file is minimal and purely instructional: it describes how to run a Python script and documents expected inputs and outputs. No override, persona, or suppression instructions present.
INFO Canary file accesses are audit-framework artifacts -3 ▶
Two sets of sensitive file accesses appear in the PATH audit log. Timing and context analysis indicates both are from the oathe audit framework (initial setup and final integrity scan), not from any skill-originated process. The Python script was never executed and has no credential-reading code.
INFO Python script is a pure geometry/file generator with no dangerous imports 0 ▶
create_dxf.py uses only stdlib modules safe for file generation: argparse, json, math, os, sys, dataclasses, typing, re. No network, subprocess, or dynamic execution primitives.
LOW Post-install openclaw-gateway connections to AWS -3 ▶
Two outbound TLS connections to AWS IP addresses appeared after installation, owned by the openclaw-gateway process. These are part of the audit sandbox infrastructure, not skill behavior, but are noted for completeness.