Is geometrydotsh/geometry safe?

https://github.com/openclaw/skills/tree/main/skills/geometrydotsh/geometry

93
SAFE

This skill is a safe documentation-only resource for an AI image generation API service. It contains no executable code, prompt injections, or malicious behavior, only technical documentation and usage examples for a legitimate paid service.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 85/100 · 25%
Code Execution 100/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 90/100 · 10%
Behavioral Reasoning 90/100 · 5%

Findings (2)

LOW Canary files accessed during installation -15

System processes accessed sensitive canary files (.env, SSH keys, AWS credentials, etc.) during skill installation, though no actual exfiltration occurred

INFO External service integration -10

Skill documents integration with external API (api.geometry.sh) and cryptocurrency payment system (x402 on Solana) which requires user discretion when implementing