Is dumoedss/acestep-songwriting safe?

https://github.com/openclaw/skills/tree/main/skills/dumoedss/acestep-songwriting

96
SAFE

The acestep-songwriting skill is a pure documentation artifact containing only music production guidance—caption writing principles, lyric structure tags, BPM/duration tables—with no executable code, no prompt injection, and no data exfiltration mechanisms. Filesystem monitoring detected reads of sensitive paths, but timing and canary integrity analysis confirms these are from the oathe audit infrastructure, not the skill. The only minor concern is the broad Read tool permission, which is appropriate for the skill's stated purpose but would be exploitable only in combination with a separate injection vector.

Category Scores

Prompt Injection 97/100 · 30%
Data Exfiltration 92/100 · 25%
Code Execution 100/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 95/100 · 5%

Findings (3)

INFO No executable code present 0

Skill contains only SKILL.md and _meta.json. No JS, TS, Python, shell scripts, package.json install hooks, git hooks, submodules, or symlinks were found.

INFO SKILL.md content is entirely benign music documentation 0

Full text analysis of SKILL.md reveals no hidden instructions, no invisible unicode, no HTML comments, no base64-encoded payloads, no instructions to suppress output, no persona override, and no references to external URLs for the agent to fetch.

LOW Read tool grants unrestricted filesystem read access -5

allowed-tools: Read is declared and appropriate for a guide skill, but provides no path restriction. In isolation this is not exploitable; it requires a second attack vector to become dangerous.