Is dejimarquis/groupon-skill safe?

https://github.com/openclaw/skills/tree/main/skills/dejimarquis/groupon-skill

Score: 96 (SAFE)

The dejimarquis/groupon-skill is a straightforward, declarative Markdown skill that instructs AI agents to find Groupon deals via web search and direct URL navigation. No prompt injection directives, data exfiltration instructions, executable code, or malicious behaviors were detected in any skill file. Installation followed standard OpenClaw monorepo sparse-checkout patterns, all canary honeypot files remained intact, and no unexpected network or filesystem activity was attributed to the skill.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 97/100 · 25%
Code Execution 100/100 · 20%
Clone Behavior 92/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 90/100 · 5%

Findings (4)

INFO Third-party web content injection surface -5

The skill directs the agent to browse groupon.com pages and process returned content. Malicious or compromised content on those pages could attempt to inject instructions into the agent. This is an inherent risk for any web-browsing skill and is not attributable to the skill author's design choices.

INFO No sensitive file access instructions -3

The skill contains zero references to filesystem paths, environment variables, credentials, or any exfiltration mechanism. Canary files were confirmed intact post-install.

INFO Standard OpenClaw sparse-checkout install pattern -8

Installation executed the expected monorepo clone-and-extract workflow. GitHub was the only novel external connection during install. Platform gateway connections (openclaw-gatewa, pid=1083) predate skill installation.

INFO Narrow, benign capability scope -10

The skill exclusively instructs web search and URL navigation toward a single commercial deals platform. It involves no privileged operations and no credential usage, and no multi-step attack chains are possible from the skill content alone.