Is gh-xj/agentcli-go safe?

https://github.com/openclaw/skills/tree/main/skills/gh-xj/agentcli-go

97
SAFE

The agentcli-go skill is a clean, documentation-only reference for a Go CLI framework. The install process performed a standard git sparse-checkout with no executable payload, no suspicious network activity, no hooks, and no filesystem side-effects outside the designated skill directory. All canary honeypot files remained intact and unmodified throughout the audit window.

Category Scores

Prompt Injection 98/100 · 30%
Data Exfiltration 97/100 · 25%
Code Execution 99/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 90/100 · 5%

Findings (3)

INFO Skill is documentation-only; no executable payload 0

All three installed files are static data: a Markdown reference document, a JSON metadata file, and a lock file. No code is injected into the agent's tool environment.

INFO Network traffic limited to GitHub + Ubuntu infrastructure 0

Observed outbound HTTPS connections went to 140.82.113.4 (GitHub), 91.189.91.49 and 185.125.188.x (Ubuntu/Canonical update servers for the VM's GDM session startup), and 98.83.99.233 (openclaw-gateway pre-existing process). No novel exfiltration endpoints appeared post-install.

INFO SKILL.md contains no adversarial instructions 0

Full text review found no override directives, persona switches, hidden instructions, invisible Unicode, HTML comments, or external URL fetch commands. The content is consistent with its stated purpose: a technical reference for a Go CLI library.