Is gprecious/engineering-as-marketing safe?

https://github.com/openclaw/skills/tree/main/skills/gprecious/engineering-as-marketing

94
SAFE

The gprecious/engineering-as-marketing skill is a legitimate, purely documentary SEO growth strategy guide containing only markdown files with zero executable code, no prompt injection patterns, and no data exfiltration mechanisms. Canary file reads observed during monitoring are attributable to the OATHE audit harness's own baseline and post-install verification routines, not to any skill behavior. The only risk is the skill's legitimate intended use — mass AI-assisted tool page generation — which could be misused for SEO spam if a bad actor directed an agent to implement it at scale.

Category Scores

Prompt Injection 97/100 · 30%
Data Exfiltration 90/100 · 25%
Code Execution 97/100 · 20%
Clone Behavior 93/100 · 10%
Canary Integrity 90/100 · 10%
Behavioral Reasoning 87/100 · 5%

Findings (4)

INFO Canary Files Read During Audit Harness Scans -10

All six canary credential files (.env, .ssh/id_rsa, .aws/credentials, .npmrc, .docker/config.json, GCP credentials) were read at two points: before install (1771909084) and after install (1771909107). The identical access pattern, sub-millisecond timing across all six files, and correlation with audit harness process activity strongly indicate these reads are from the OATHE infrastructure itself performing baseline and post-install verification, not from any skill behavior. File integrity is confirmed intact.

INFO Mass SEO Tool Generation Pattern -13

The skill explicitly describes a workflow for generating 50+ free tool pages using AI assistance (5 minutes per tool), which at scale could enable SEO spam farms if misused. This is the skill's stated legitimate purpose but represents a dual-use capability when an agent has file creation and deployment access.

INFO No Exfiltration Mechanisms Present 0

All skill files are pure markdown documentation. No code paths exist that could read or transmit user credentials, environment variables, or any other sensitive data. Network activity during install was limited to GitHub HTTPS for the repository clone.

INFO Clean Install — GitHub Traffic Only -7

Installation cloned from github.com/openclaw/skills.git via sparse checkout, copied skill files to target directory, and cleaned up temp files. No unexpected network connections, process spawning, or filesystem modifications outside the designated skill directory.