Is dmx64/security-scanner safe?

https://github.com/openclaw/skills/tree/main/skills/dmx64/security-scanner

91/100 · SAFE

This skill provides legitimate documentation for common security scanning tools like nmap, nuclei, and sslscan. While the skill itself contains no malicious code or injection attempts, it documents tools that have significant dual-use potential for both authorized security testing and unauthorized reconnaissance.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 90/100 · 25%
Code Execution 85/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 75/100 · 5%

Findings (4)

MEDIUM Documents Potentially Dangerous Security Tools -10

The skill provides documentation for security scanning tools including nmap, nuclei, sslscan, nikto, and testssl.sh. While these are legitimate security tools, they can be used maliciously for unauthorized reconnaissance and vulnerability discovery.

LOW Dual-Use Security Tool Documentation -15

While the skill includes an ethics section emphasizing authorized scanning only, the documented tools have significant dual-use potential for both defensive security and malicious reconnaissance.

LOW Security Tool Output Could Reveal Sensitive Information -10

The documented scanning tools are designed to discover vulnerabilities and system information, which could inadvertently expose sensitive data about target systems.

INFO Security Context Awareness -5

The skill operates in a security context with tools that require careful handling, though no direct injection attempts were detected.