Question 1

Is chrisvoncsefalvay/claude-d3js-skill safe to install?

Accepted Answer

Oathe's behavioral security audit gives chrisvoncsefalvay/claude-d3js-skill a trust score of 97/100 with a verdict of SAFE. 5 findings were detected. The chrisvoncsefalvay/claude-d3js-skill is a straightforward D3.js visualization reference skill containing only documentation, code examples, and passive JSX boilerplate templates. The SKILL.md contains no prompt injection vectors, no instructions to access sensitive files, and no malicious directives of any kind. Canary file accesses observed in monitoring are attributable to the oathe audit framework's own baseline and post-check routines (occurring before the clone began), and all canary files were confirmed intact. The skill is safe to install.

Question 2

What security issues were found in chrisvoncsefalvay/claude-d3js-skill?

Accepted Answer

5 findings were detected: LOW — External CDN URL in code examples; INFO — Skill instructs agent to read internal reference files on demand; INFO — Canary file accesses attributed to audit framework, not skill; INFO — Normal GitHub HTTPS clone with clean post-install state; INFO — JSX template files are passive user boilerplate.

Question 3

Should I install chrisvoncsefalvay/claude-d3js-skill?

Accepted Answer

Based on Oathe's audit, the recommendation is: INSTALL. Trust score: 97/100.

Is `chrisvoncsefalvay/claude-d3js-skill` safe?

Category Scores

Findings (5)

Is chrisvoncsefalvay/claude-d3js-skill safe?

Category Scores

Findings (5)

Is `chrisvoncsefalvay/claude-d3js-skill` safe?