Is dickwu/workplace safe?

https://github.com/openclaw/skills/tree/main/skills/dickwu/workplace

84
SAFE

This is a legitimate workplace management skill that provides multi-agent orchestration and project workspace management capabilities. While it contains executable code and has extensive automation features, the functionality aligns with its stated purpose and no direct security violations were detected.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 85/100 · 25%
Code Execution 70/100 · 20%
Clone Behavior 90/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 80/100 · 5%

Findings (6)

MEDIUM Executable shell scripts present -20

The skill contains several bash scripts (scan_workplaces.sh, init_workplace.sh, etc.) that execute filesystem operations and git commands. While these appear legitimate for workplace management, they represent code execution capabilities.

MEDIUM Rust binary compilation -10

The skill includes Rust source code for a file-watcher server that gets compiled and executed. This provides native code execution capabilities on the host system.

LOW System credential file access during installation -15

During installation, system processes accessed sensitive files like .env, SSH keys, and cloud credentials. While this appears to be from SSH/sudo operations rather than the skill itself, it demonstrates system-level access.

LOW Network connections during installation -10

Expected network activity to GitHub for git clone operations, but represents external network access capability.

LOW Complex multi-agent system -5

The skill implements a sophisticated multi-agent orchestration system with agent handoffs and inter-agent communication. While legitimate, this complexity could potentially be misused.

LOW Extensive automation capabilities -20

The skill provides broad automation capabilities including filesystem operations, process spawning, and cross-workspace management that could be misused for unintended purposes.