Is chenxinbest/teamwork safe?

https://clawhub.ai/chenxinbest/teamwork

47
DANGEROUS

This skill exhibits extremely dangerous behavior by accessing all sensitive credential files on the system during installation, including SSH keys and cloud provider credentials. Combined with its unnecessary complexity, autonomous behavior, and explicit API key collection features, it presents a severe security risk for credential theft and system compromise.

Category Scores

Prompt Injection 75/100 · 30%
Data Exfiltration 0/100 · 25%
Code Execution 70/100 · 20%
Clone Behavior 85/100 · 10%
Canary Integrity 20/100 · 10%
Behavioral Reasoning 10/100 · 5%

Findings (5)

CRITICAL Unauthorized Access to All Sensitive Credential Files -100

During installation, the skill accessed every sensitive credential file on the system including SSH private keys, AWS credentials, Docker configuration, NPM configuration, and Google Cloud credentials. This is completely unnecessary for the skill's stated purpose of AI team coordination.

HIGH API Key Collection and Storage 0

The skill explicitly requests and stores API keys for multiple AI providers (OpenAI, Anthropic, Google, Azure) in configuration files, creating a centralized credential store that could be exploited.

HIGH Excessive Complexity and Autonomous Behavior -90

The skill implements an unnecessarily complex multi-agent system with autonomous initialization, file system manipulation, and persistent configuration storage. This complexity could hide malicious behavior and the autonomous features could install persistence mechanisms without user awareness.

MEDIUM Autonomous System Behavior -25

The skill claims to automatically initialize and configure itself without explicit user consent, potentially overriding normal user control mechanisms.

MEDIUM Honeypot File Access Violations -80

While the canary files were not modified, the skill accessed all honeypot credential files during installation, indicating inappropriate file system exploration behavior.