Is alvinecarn/chief-creative-officer safe?
https://github.com/openclaw/skills/tree/main/skills/alvinecarn/chief-creative-officer
This skill presents significant prompt injection risks through explicit system instruction overrides and role redefinition attempts. While it contains no executable code and shows normal installation behavior, the sophisticated workflow instructions could enable agent behavior manipulation and unauthorized data collection through tool abuse.
Findings (7)
CRITICAL Explicit System Instruction Override -40
The skill contains explicit instructions to prioritize user preferences over system instructions, which is a direct prompt injection attack vector.
HIGH Agent Role Redefinition -20
The skill attempts to completely redefine the agent's role and identity, potentially overriding safety behaviors.
HIGH Template Variable Injection -15
The skill uses template variables that could be injection points for malicious instructions.
HIGH Agent Behavior Manipulation -50
The detailed workflow instructions could override normal agent safety behaviors and decision-making processes.
MEDIUM Social Engineering Potential -20
The skill's design enables sophisticated manipulation of agent behavior through creative task framing.
MEDIUM Tool-Enabled Data Collection -15
Instructions to use search and web scraping tools could be leveraged for unauthorized information gathering.
MEDIUM Structured Data Storage -10
Wiki document creation and management could be used to organize and store collected sensitive information.