Is babuperumana/malayalam-whatsapp safe?

https://github.com/openclaw/skills/tree/main/skills/babuperumana/malayalam-whatsapp

94
SAFE

The Malayalam WhatsApp skill is a minimal, benign language guide with no prompt injection, executable code, or data exfiltration mechanisms. Post-install access to honeypot credential files was detected in auditd records but is attributable to the monitoring tool's own integrity verification routine — the accesses mirror the pre-install baseline batch exactly, canary integrity is confirmed intact, and no correlated network exfiltration was observed. The skill is safe to install.

Category Scores

Prompt Injection 97/100 · 30%
Data Exfiltration 85/100 · 25%
Code Execution 100/100 · 20%
Clone Behavior 97/100 · 10%
Canary Integrity 90/100 · 10%
Behavioral Reasoning 97/100 · 5%

Findings (3)

LOW Honeypot credential files accessed post-install -15

Six canary files were accessed at timestamp 1771738719.551, approximately 5 seconds after the skill files were copied to the test directory. The access pattern is a verbatim repeat of the pre-install monitoring setup batch (1771738700.448): same six files, same sequence. This is consistent with the monitoring infrastructure's teardown integrity check rather than skill-initiated credential harvesting. Supporting evidence: canary integrity check passed, no outbound network data transfer matched to these reads, and no EXECVE record between the skill copy and these accesses points to a credential-scanner process.

INFO SKILL.md truncated — Manglish example section empty -3

The file ends immediately after the '### Manglish' header without providing example dialogue. This leaves the skill partially incomplete but introduces no security risk. Noted for completeness.

INFO Expected GitHub HTTPS connection during install 0

Outbound TLS to 140.82.113.4:443 (GitHub) was used to shallow-clone the openclaw/skills monorepo and sparse-checkout the skill subdirectory. This is the documented ClawHub install mechanism and carries no risk.