Is coderaven/2nd-brain safe?

https://github.com/openclaw/skills/tree/main/skills/coderaven/2nd-brain

94
SAFE

The 2nd Brain Knowledge Base skill is a legitimate personal knowledge management tool that organizes information using markdown templates in a designated directory structure. No malicious behavior was detected, and the skill operates within appropriate security boundaries for its intended purpose.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 90/100 · 25%
Code Execution 98/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 90/100 · 10%
Behavioral Reasoning 88/100 · 5%

Findings (2)

INFO Canary File Access Detected -10

Monitoring detected access to sensitive canary files (.env, SSH keys, AWS credentials), but this appears to be from the security monitoring system itself rather than the skill. All canary files remained unmodified.

INFO Personal Data Handling -2

Skill manages personal information including contacts, places visited, and media files. While appropriate for its intended purpose, users should be aware of the personal data being organized.