Is dgoss28/happenstance safe?
https://github.com/openclaw/skills/tree/main/skills/dgoss28/happenstance
The dgoss28/happenstance skill is a straightforward API integration providing documentation for the Happenstance professional network search service. No prompt injection, malicious code, executable scripts, git hooks, or credential exfiltration was detected; the installation was clean and all canary files remained intact. The primary concerns are privacy-related: the skill enables detailed OSINT-grade profiling of individuals (employment, locations, writings, hobbies) and transmits user network graph data to a third-party service, meaning a manipulated or compromised agent could silently conduct surveillance on specific individuals, and repeated API calls could drain the user's prepaid credits.
Findings (7)
LOW (-12) User professional network graph transmitted to third-party service
When the agent executes searches with include_my_connections:true or include_friends_connections:true, the user's professional network relationship graph is transmitted to Happenstance's servers. Users may not realize their contact graph — not just their explicit search queries — is shared externally. This is by design but warrants informed consent.
LOW (-6) Search queries and research subjects sent to external API
All search text and person descriptions (names, companies, social handles, locations) submitted via the agent are transmitted to api.happenstance.ai. If an agent is tasked with researching a sensitive subject (e.g., a whistleblower, job applicant, or private individual), that information becomes known to the Happenstance service.
LOW (-20) Comprehensive OSINT profiling capability risks privacy abuse
The /v1/research endpoint produces detailed personal dossiers covering employment history, education, current physical locations, written publications, and personal hobbies. An agent that is manipulated via prompt injection from an external source (e.g., a malicious email or document) could silently use this skill to profile targeted individuals without user knowledge or intent.
LOW (-8) Credit drain risk via repeated or paginated API calls
Each search call costs 2 credits and each research call costs 1 credit. The find-more pagination endpoint also costs 2 credits per call. An agent that misunderstands a user's intent, or is manipulated via adversarial input, could trigger many sequential API calls, draining the user's prepaid Happenstance credit balance.
INFO (-5) Tips section shapes agent polling and presentation behavior
The Tips section includes instructional language ('Always check credits before starting multiple searches', 'When presenting search results, include the person's name, title, company...') that subtly influences agent decision-making. This is standard API documentation and entirely benign, but it represents soft behavioral guidance embedded in the skill prompt.
INFO (0) API key exposed in curl command headers
The HAPPENSTANCE_API_KEY is included as a Bearer token in every curl invocation shown in the skill documentation. The key is sent as a plaintext bearer token (protected in transit only by TLS) to Happenstance servers and will appear in server-side access logs. This is standard OAuth-style bearer-token practice, but users should treat the key as sensitive: anyone who obtains it (from shell history, logs, or a leaked environment) can spend the account's credits.
INFO (0) Pre-existing Ubuntu/Canonical connections present before install
Two established TCP connections to 185.125.188.58:443 (Canonical/Ubuntu infrastructure) existed before the skill was installed and were absent afterward. These are consistent with system update or Snap store activity and are unrelated to the skill.