Is clawbow/bitwarden-secrets safe?
https://github.com/openclaw/skills/tree/main/skills/clawbow/bitwarden-secrets
This Bitwarden secrets management skill implements legitimate functionality with reasonable safety controls for credential handling. While monitoring detected suspicious file access timing, the skill code itself appears clean and canary files remained intact. The skill includes proper safety mechanisms to prevent accidental secret exposure.
Findings (3)
MEDIUM Sensitive file access detected during audit -20
Monitoring detected access to sensitive credential files (.env, SSH keys, AWS credentials, Docker config, GCloud credentials) during the audit timeframe. However, the skill code itself does not contain logic to access these files, and canary files remained intact.
MEDIUM Credential handling functionality -15
The skill is designed to interact with Bitwarden/Vaultwarden secrets, which inherently involves handling sensitive credential data. While safety controls are implemented (VW_REVEAL_ALLOW + explicit confirmation), this functionality carries inherent risk.
LOW Executable scripts included -5
The skill contains Python and shell scripts that execute external commands, specifically the 'bw' CLI tool. This is expected functionality but represents a potential attack surface.