Is elvisbim/futurescout safe?

https://github.com/openclaw/skills/tree/main/skills/elvisbim/futurescout

71
CAUTION

This skill is a sophisticated prompt injection attack disguised as an investment analysis tool that attempts to completely override the agent's persona and behavior. While it contains no malicious code or data exfiltration attempts, it poses significant risks by trying to make the agent impersonate a financial advisor and bypass normal user control mechanisms.

Category Scores

Prompt Injection 20/100 · 30%
Data Exfiltration 95/100 · 25%
Code Execution 100/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 30/100 · 5%

Findings (5)

CRITICAL Complete Agent Persona Override -70

The skill attempts to completely redefine the agent's identity as '未来侦察兵' (Future Scout), a dedicated investment advisor. This constitutes a severe prompt injection that could override system instructions and mislead users about the agent's capabilities and limitations.

HIGH Automatic Behavior Activation -10

The skill instructs the agent to automatically generate weekly reports without user prompting, which bypasses normal user control mechanisms and could interfere with other agent interactions.

HIGH Financial Advisory Impersonation -50

The skill makes the agent present as a financial investment advisor with specific methodologies and recommendations, which could mislead users and create liability issues around financial advice.

MEDIUM Persistent Memory Anchors -20

The skill attempts to create persistent behavioral modifications through 'memory anchors' that could affect the agent's responses even outside the skill's intended scope.

LOW No Data Access Attempts -5

Monitoring detected no attempts to access sensitive files or exfiltrate data during installation or execution.