Is davidedicillo/codifica safe?

https://github.com/openclaw/skills/tree/main/skills/davidedicillo/codifica

87
SAFE

Codifica is a legitimate file-based protocol for coordinating work between AI agents and humans using Git repositories. The skill provides extensive but transparent behavioral instructions for task management and git workflows. While it gives significant control over agent behavior and requires reading repository files, no malicious functionality was detected and all security monitoring passed cleanly.

Category Scores

Prompt Injection 85/100 · 30%
Data Exfiltration 90/100 · 25%
Code Execution 100/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 80/100 · 5%

Findings (3)

MEDIUM Prescriptive Agent Behavior Instructions -15

The skill provides detailed mandatory instructions for agent behavior, including specific file-reading requirements, git operations, and workflow rules. While legitimate for task coordination, this represents significant behavioral control over the agent.

LOW Repository File Access Requirements -10

The protocol requires agents to read various files from repositories (codifica.json, spec files, state files), which could expose sensitive information if present in those files.

LOW Potential for Misuse in Compromised Repositories -20

While the protocol itself is legitimate, if a repository's codifica.json or spec files were controlled by a malicious actor, they could influence agent behavior beyond the intended scope.