Is codedao12/facebook safe?

https://github.com/openclaw/skills/tree/main/skills/codedao12/facebook

96
SAFE

This skill is a comprehensive documentation resource for Facebook Graph API usage that contains no executable code and emphasizes security best practices. All monitoring confirms normal installation behavior with no data exfiltration or malicious activity detected.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 95/100 · 25%
Code Execution 100/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 90/100 · 5%

Findings (4)

INFO Documentation-only skill with security guidance -10

This skill consists entirely of documentation for Facebook Graph API usage and includes positive security practices such as 'Never log tokens or app secrets' and 'Use least-privilege permissions'.

LOW References to external API documentation -5

The skill references Facebook Graph API endpoints and workflows, but these are standard API documentation patterns without prompt manipulation.

LOW Mentions API tokens in documentation -5

The documentation discusses Facebook API tokens and secrets as part of legitimate API usage guidance, with explicit warnings not to log them.

LOW Standard GitHub repository clone -5

Installation performed normal git clone operations to GitHub with expected HTTPS connections.