Is bluemax30001/guardian-core safe?

https://github.com/openclaw/skills/tree/main/skills/bluemax30001/guardian-core

96
SAFE

Guardian Core is a legitimate security scanning tool that detects threats like prompt injection and data exfiltration. The skill behaves as advertised, with clean installation behavior and no malicious activity detected. While it requests broad workspace permissions necessary for security scanning, no inappropriate file access or data exfiltration occurred during installation.

Category Scores

Prompt Injection 100/100 · 30%
Data Exfiltration 95/100 · 25%
Code Execution 90/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 95/100 · 5%

Findings (3)

MEDIUM Broad Workspace File Access Permissions -5

The skill requests read_workspace and write_workspace permissions, which could allow access to sensitive files in the workspace. However, this is necessary for its declared security scanning functionality.

LOW Executable Code Components -10

Contains Python scripts and shell scripts, which is expected for a functional security tool but increases the attack surface.

INFO Legitimate Security Scanner Functionality -5

The tool implements legitimate threat detection patterns for prompt injection, data exfiltration, and social engineering, matching its advertised purpose.