Is fratua/readme-generator safe?

https://github.com/openclaw/skills/tree/main/skills/fratua/readme-generator

95 · SAFE

This README generator skill appears to be legitimate and well-designed for its stated purpose. It reads project files to analyze structure and generate comprehensive documentation, which is appropriate behavior. No security concerns detected in prompt structure, code execution, or installation behavior.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 90/100 · 25%
Code Execution 95/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 95/100 · 5%

Findings (1)

LOW Reads Various Project Files -10

The skill instructs reading multiple project files including package.json, tsconfig.json, Dockerfile, LICENSE files, and source directories. While this is legitimate and necessary for README generation, it represents broad file access within the project scope.