Is deepseekoracle/lygo-champion-scenar-paradox safe?

https://github.com/openclaw/skills/tree/main/skills/deepseekoracle/lygo-champion-scenar-paradox

80
SAFE

This skill attempts to override the AI's default behavior by making it adopt a specific persona focused on 'paradox analysis'. While it claims benign intent and includes some safeguards, the prompt injection mechanism poses moderate security concerns.

Category Scores

Prompt Injection 50/100 · 30%
Data Exfiltration 90/100 · 25%
Code Execution 95/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 65/100 · 5%

Findings (4)

HIGH AI Persona Override Instructions -50

The skill explicitly instructs the AI to adopt a specific persona (ΣCENΔR/SCENAR) and use custom methodologies like 'paradox framing' and 'contradiction analysis'. This constitutes prompt injection as it attempts to override the AI's default behavior.

MEDIUM Potentially Confusing Methodology -35

The skill's 'paradox framing' and 'contradiction analysis' methodology could lead to confusing or contradictory outputs that may mislead users about the AI's actual capabilities.

LOW Executable Python Scripts Present -5

The skill contains Python scripts for validation and hash display. These appear benign but represent executable code.

INFO Sensitive File Access Detected -10

Monitoring detected access to credential files during installation, but this appears to be from system processes rather than the skill itself.