Is chandika/mirage-proxy safe?

https://github.com/openclaw/skills/tree/main/skills/chandika/mirage-proxy

48
DANGEROUS

This skill claims to be a PII/secrets filter but exhibits dangerous behavior by accessing multiple sensitive credential files and downloading/executing external binaries. While the stated purpose could theoretically justify credential access, the combination of behaviors poses significant security risks.

Category Scores

Prompt Injection 85/100 · 30%
Data Exfiltration 10/100 · 25%
Code Execution 30/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 20/100 · 10%
Behavioral Reasoning 40/100 · 5%

Findings (4)

CRITICAL Unauthorized Access to Sensitive Credential Files -90

The skill accessed multiple sensitive credential files including .env, SSH private keys, AWS credentials, NPM registry credentials, Docker configuration, and Google Cloud credentials. While the skill claims to be a PII/secrets filter, this level of credential access poses significant security risks.

HIGH Downloads and Executes External Binaries -70

The setup script downloads precompiled binaries from GitHub releases and executes them. While SHA256 verification is performed, executing external binaries introduces supply chain risks and potential for malicious code execution.

MEDIUM Honeypot File Access Detected -80

The skill accessed multiple honeypot files designed to detect malicious behavior. While the files were not modified, unauthorized access to these fake credential files indicates potentially malicious reconnaissance behavior.

LOW External Repository Reference -15

The skill documentation references an external GitHub repository which could potentially be used for further instructions or data collection, though this appears legitimate for the tool's stated purpose.