Is dedene/irail safe?

https://github.com/openclaw/skills/tree/main/skills/dedene/irail

96
SAFE

This is a legitimate CLI skill for querying Belgian railway schedules through the public iRail API. The skill documentation is clean with no malicious instructions, and the functionality matches its stated purpose of providing train schedule information.

Category Scores

Prompt Injection 100/100 · 30%
Data Exfiltration 95/100 · 25%
Code Execution 90/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 95/100 · 10%
Behavioral Reasoning 95/100 · 5%

Findings (2)

LOW Canary file access during installation -5

System processes accessed honeypot files (.env, SSH keys, AWS credentials) during sudo operations, but the files remained intact and no exfiltration occurred.

LOW External binary dependency -10

The skill requires installing the 'irail' binary through brew or go install, which is standard for CLI tools but represents external code execution.