Is efekucuk/tezos safe?

https://github.com/openclaw/skills/tree/main/skills/efekucuk/tezos

93
SAFE

This is a comprehensive educational skill for Tezos blockchain development that provides security-focused smart contract development guidance, token standards implementation, and deployment best practices. The skill appears legitimate with appropriate tool permissions for its intended purpose and no evidence of malicious behavior.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 95/100 · 25%
Code Execution 85/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 95/100 · 5%

Findings (2)

LOW Bash command permissions requested -15

Skill requests permission to execute npm, ligo, and octez-client bash commands. While appropriate for Tezos development, this represents elevated permissions that could be misused if the skill were compromised.

INFO Large comprehensive skill file -5

Skill contains extensive educational content about Tezos development, increasing potential attack surface but content appears legitimate and educational.