Is hagiss/askhuman safe?

https://github.com/openclaw/skills/tree/main/skills/hagiss/askhuman

95
SAFE

AskHuman is a legitimate human-in-the-loop service that allows AI agents to request human judgment for subjective decisions. The skill contains only documentation and configuration files with no executable code or malicious behavior.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 90/100 · 25%
Code Execution 100/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 85/100 · 5%

Findings (3)

LOW External API dependency -5

The skill makes API calls to askhuman-api.onrender.com for its core functionality. This is legitimate for the service but creates an external dependency.

LOW Human worker data exposure -10

Task content is sent to external human workers. Users should be aware that sensitive information in task descriptions could be exposed to third parties.

INFO Cryptocurrency payment processing -5

The service includes USDC payment functionality on Base chain, adding complexity around wallet management and permits.