Is didelco/pvpc-spain safe?
https://github.com/openclaw/skills/tree/main/skills/didelco/pvpc-spain
pvpc-spain is a well-scoped, stdlib-only Python skill that fetches Spanish electricity price data from the public ESIOS API and presents it in human-readable form. No prompt injection, hidden instructions, sensitive file access, or malicious code was detected in any of the five scripts or the SKILL.md. All canary files remain intact, and the only external network activity attributable to the skill is a transparent GET request to the documented public API endpoint.
Findings (4)
LOW: Outbound HTTPS to external API on every invocation (score -11)
get_pvpc.py unconditionally calls https://api.esios.ree.es/archives/70/download_json — the official public ESIOS endpoint. No user data or environment variables are transmitted; only a date string is appended. The call is transparent and documented in SKILL.md. Flagged only because all external calls merit disclosure.
INFO: Post-install openclaw-gateway connections observed (score -12)
After install, the connection diff shows tcp ESTAB sessions owned by openclaw-gatewa (pid=1087) to 104.16.3.34 (Cloudflare) and 34.233.6.177 (AWS). This process was pre-existing (present in baseline) and is the audit platform's own orchestration daemon, not a process spawned by the skill.
INFO: Stdlib-only Python with no execution surface (score 0)
All five scripts use only Python standard library modules (json, datetime, urllib.request, argparse, sys). No subprocess, no eval, no exec, no shell passthrough. argparse handles all user-supplied parameters safely.
INFO: Clean SKILL.md with no adversarial instructions (score -3)
SKILL.md consists entirely of legitimate usage examples mapping user intents to specific python script invocations. No instructions to override system prompts, ignore prior context, exfiltrate data, or alter agent persona were found.