Oathe Security Badge

Is blessonism/github-explorer-skill safe?

https://github.com/blessonism/github-explorer-skill

98 · SAFE

This GitHub Explorer skill is a comprehensive documentation-based tool for analyzing GitHub repositories and their surrounding ecosystems. It contains no executable code and poses minimal security risk, functioning purely as an instruction set for legitimate repository analysis activities.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 100/100 · 25%
Code Execution 100/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 90/100 · 5%

Findings (2)

LOW · Complex workflow with multiple tool integrations · -5

The skill contains detailed instructions for multi-step GitHub repository analysis using various tools and external skills. While legitimate, the complexity could potentially be leveraged for unintended purposes.

LOW · Information gathering capability · -10

The skill is designed to extensively analyze GitHub repositories including code, issues, community discussions, and competitive landscape. While this is its intended function, it represents significant information gathering capability.